Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-41172
Vulnerability from cvelistv5
Published
2024-07-19 08:50
Modified
2024-09-13 17:05
Severity ?
EPSS score ?
Summary
In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache CXF |
Version: 3.6.0, 4.0.0 ≤ |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "cxf", vendor: "apache", versions: [ { lessThan: "3.6.4", status: "affected", version: "3.6.0", versionType: "semver", }, { lessThan: "4.0.5", status: "affected", version: "4.0.0", versionType: "semver", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2024-41172", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-23T17:58:41.172215Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-24T18:59:47.054Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-09-13T17:05:12.209Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { url: "https://security.netapp.com/advisory/ntap-20240808-0008/", }, { url: "http://www.openwall.com/lists/oss-security/2024/07/18/4", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache CXF", vendor: "Apache Software Foundation", versions: [ { lessThan: "3.6.4, 4.0.5", status: "affected", version: "3.6.0, 4.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory<br>", }, ], value: "In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory\n", }, ], metrics: [ { other: { content: { text: "low", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-401", description: "CWE-401 Missing Release of Memory after Effective Lifetime", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-19T08:50:43.766Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, ], source: { discovery: "UNKNOWN", }, title: "Apache CXF: Unrestricted memory consumption in CXF HTTP clients", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2024-41172", datePublished: "2024-07-19T08:50:43.766Z", dateReserved: "2024-07-17T13:38:34.414Z", dateUpdated: "2024-09-13T17:05:12.209Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.6.0\", \"versionEndExcluding\": \"3.6.4\", \"matchCriteriaId\": \"7D6F6603-DD23-4DD5-8B90-0BAB0EB7E1D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0.0\", \"versionEndExcluding\": \"4.0.5\", \"matchCriteriaId\": \"ACAFECF5-75A5-4397-A588-F51D09717335\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory\\n\"}, {\"lang\": \"es\", \"value\": \"En las versiones de Apache CXF anteriores a 3.6.4 y 4.0.5 (las versiones 3.5.x y inferiores no se ven afectadas), un conducto de cliente HTTP de CXF puede impedir que las instancias de HTTPClient se recopilen como basura y es posible que el consumo de memoria contin\\u00fae aumentando eventualmente causando que la aplicaci\\u00f3n se quede sin memoria.\"}]", id: "CVE-2024-41172", lastModified: "2024-11-21T09:32:20.520", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}]}", published: "2024-07-19T09:15:05.640", references: "[{\"url\": \"https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/18/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240808-0008/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: "[{\"source\": \"security@apache.org\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-401\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2024-41172\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-07-19T09:15:05.640\",\"lastModified\":\"2024-11-21T09:32:20.520\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory\\n\"},{\"lang\":\"es\",\"value\":\"En las versiones de Apache CXF anteriores a 3.6.4 y 4.0.5 (las versiones 3.5.x y inferiores no se ven afectadas), un conducto de cliente HTTP de CXF puede impedir que las instancias de HTTPClient se recopilen como basura y es posible que el consumo de memoria continúe aumentando eventualmente causando que la aplicación se quede sin memoria.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.6.0\",\"versionEndExcluding\":\"3.6.4\",\"matchCriteriaId\":\"7D6F6603-DD23-4DD5-8B90-0BAB0EB7E1D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndExcluding\":\"4.0.5\",\"matchCriteriaId\":\"ACAFECF5-75A5-4397-A588-F51D09717335\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/18/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240808-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240808-0008/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/18/4\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-09-13T17:05:12.209Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-41172\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-23T17:58:41.172215Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\"], \"vendor\": \"apache\", \"product\": \"cxf\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.6.0\", \"lessThan\": \"3.6.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"4.0.0\", \"lessThan\": \"4.0.5\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-23T18:04:13.602Z\"}}], \"cna\": {\"title\": \"Apache CXF: Unrestricted memory consumption in CXF HTTP clients\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"low\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache CXF\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.6.0, 4.0.0\", \"lessThan\": \"3.6.4, 4.0.5\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory<br>\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-401\", \"description\": \"CWE-401 Missing Release of Memory after Effective Lifetime\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-07-19T08:50:43.766Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-41172\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-13T17:05:12.209Z\", \"dateReserved\": \"2024-07-17T13:38:34.414Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2024-07-19T08:50:43.766Z\", \"assignerShortName\": \"apache\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
ghsa-4mgg-fqfq-64hg
Vulnerability from github
Published
2024-07-19 09:32
Modified
2024-11-18 16:26
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
6.3 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
6.3 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Summary
Apache CXF allows unrestricted memory consumption in CXF HTTP clients
Details
In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory
{ affected: [ { package: { ecosystem: "Maven", name: "org.apache.cxf:cxf-rt-transports-http", }, ranges: [ { events: [ { introduced: "4.0.0", }, { fixed: "4.0.5", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "Maven", name: "org.apache.cxf:cxf-rt-transports-http", }, ranges: [ { events: [ { introduced: "3.6.0", }, { fixed: "3.6.4", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2024-41172", ], database_specific: { cwe_ids: [ "CWE-401", ], github_reviewed: true, github_reviewed_at: "2024-07-19T18:34:56Z", nvd_published_at: "2024-07-19T09:15:05Z", severity: "MODERATE", }, details: "In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory\n", id: "GHSA-4mgg-fqfq-64hg", modified: "2024-11-18T16:26:53Z", published: "2024-07-19T09:32:06Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { type: "PACKAGE", url: "https://github.com/apache/cxf", }, { type: "WEB", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", type: "CVSS_V3", }, { score: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", type: "CVSS_V4", }, ], summary: "Apache CXF allows unrestricted memory consumption in CXF HTTP clients", }
rhsa-2024:8824
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2025-03-05 22:44
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8824", url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "JBEAP-24945", url: "https://issues.redhat.com/browse/JBEAP-24945", }, { category: "external", summary: "JBEAP-25035", url: "https://issues.redhat.com/browse/JBEAP-25035", }, { category: "external", summary: "JBEAP-27002", url: "https://issues.redhat.com/browse/JBEAP-27002", }, { category: "external", summary: "JBEAP-27194", url: "https://issues.redhat.com/browse/JBEAP-27194", }, { category: "external", summary: "JBEAP-27248", url: "https://issues.redhat.com/browse/JBEAP-27248", }, { category: "external", summary: "JBEAP-27276", url: "https://issues.redhat.com/browse/JBEAP-27276", }, { category: "external", summary: "JBEAP-27293", url: "https://issues.redhat.com/browse/JBEAP-27293", }, { category: "external", summary: "JBEAP-27392", url: "https://issues.redhat.com/browse/JBEAP-27392", }, { category: "external", summary: "JBEAP-27543", url: "https://issues.redhat.com/browse/JBEAP-27543", }, { category: "external", summary: "JBEAP-27585", url: "https://issues.redhat.com/browse/JBEAP-27585", }, { category: "external", summary: "JBEAP-27643", url: "https://issues.redhat.com/browse/JBEAP-27643", }, { category: "external", summary: "JBEAP-27659", url: "https://issues.redhat.com/browse/JBEAP-27659", }, { category: "external", summary: "JBEAP-27688", url: "https://issues.redhat.com/browse/JBEAP-27688", }, { category: "external", summary: "JBEAP-27694", url: "https://issues.redhat.com/browse/JBEAP-27694", }, { category: "external", summary: "JBEAP-27957", url: "https://issues.redhat.com/browse/JBEAP-27957", }, { category: "external", summary: "JBEAP-28057", url: "https://issues.redhat.com/browse/JBEAP-28057", }, { category: "external", summary: "JBEAP-28278", url: "https://issues.redhat.com/browse/JBEAP-28278", }, { category: "external", summary: "JBEAP-28289", url: "https://issues.redhat.com/browse/JBEAP-28289", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8824.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", tracking: { current_release_date: "2025-03-05T22:44:31+00:00", generator: { date: "2025-03-05T22:44:31+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.0", }, }, id: "RHSA-2024:8824", initial_release_date: "2024-11-04T20:13:24+00:00", revision_history: [ { date: "2024-11-04T20:13:24+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-04T20:13:24+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-05T22:44:31+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 9", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_id: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", }, product_reference: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, ], }, vulnerabilities: [ { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-4029", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278615", }, ], notes: [ { category: "description", text: "A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4029", }, { category: "external", summary: "RHBZ#2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4029", url: "https://www.cve.org/CVERecord?id=CVE-2024-4029", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", }, ], release_date: "2024-05-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "workaround", details: "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", }, { acknowledgments: [ { names: [ "Tanner Emek", ], }, ], cve: "CVE-2024-8698", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2024-09-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311641", }, ], notes: [ { category: "description", text: "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak's signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8698", }, { category: "external", summary: "RHBZ#2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8698", url: "https://www.cve.org/CVERecord?id=CVE-2024-8698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", }, ], release_date: "2024-09-19T15:12:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", }, { acknowledgments: [ { names: [ "Niklas Conrad", "Karsten Meyer zu Selhausen", ], }, ], cve: "CVE-2024-8883", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2024-09-16T06:17:01.573000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312511", }, ], notes: [ { category: "description", text: "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", title: "Vulnerability description", }, { category: "summary", text: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8883", }, { category: "external", summary: "RHBZ#2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8883", url: "https://www.cve.org/CVERecord?id=CVE-2024-8883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", }, { category: "external", summary: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", url: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", }, ], release_date: "2024-09-19T15:13:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, ], }
rhsa-2024_8823
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2024-12-13 14:17
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8823", url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "JBEAP-24945", url: "https://issues.redhat.com/browse/JBEAP-24945", }, { category: "external", summary: "JBEAP-25035", url: "https://issues.redhat.com/browse/JBEAP-25035", }, { category: "external", summary: "JBEAP-27002", url: "https://issues.redhat.com/browse/JBEAP-27002", }, { category: "external", summary: "JBEAP-27194", url: "https://issues.redhat.com/browse/JBEAP-27194", }, { category: "external", summary: "JBEAP-27247", url: "https://issues.redhat.com/browse/JBEAP-27247", }, { category: "external", summary: "JBEAP-27276", url: "https://issues.redhat.com/browse/JBEAP-27276", }, { category: "external", summary: "JBEAP-27293", url: "https://issues.redhat.com/browse/JBEAP-27293", }, { category: "external", summary: "JBEAP-27392", url: "https://issues.redhat.com/browse/JBEAP-27392", }, { category: "external", summary: "JBEAP-27543", url: "https://issues.redhat.com/browse/JBEAP-27543", }, { category: "external", summary: "JBEAP-27585", url: "https://issues.redhat.com/browse/JBEAP-27585", }, { category: "external", summary: "JBEAP-27643", url: "https://issues.redhat.com/browse/JBEAP-27643", }, { category: "external", summary: "JBEAP-27659", url: "https://issues.redhat.com/browse/JBEAP-27659", }, { category: "external", summary: "JBEAP-27688", url: "https://issues.redhat.com/browse/JBEAP-27688", }, { category: "external", summary: "JBEAP-27694", url: "https://issues.redhat.com/browse/JBEAP-27694", }, { category: "external", summary: "JBEAP-27957", url: "https://issues.redhat.com/browse/JBEAP-27957", }, { category: "external", summary: "JBEAP-28057", url: "https://issues.redhat.com/browse/JBEAP-28057", }, { category: "external", summary: "JBEAP-28278", url: "https://issues.redhat.com/browse/JBEAP-28278", }, { category: "external", summary: "JBEAP-28289", url: "https://issues.redhat.com/browse/JBEAP-28289", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8823.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", tracking: { current_release_date: "2024-12-13T14:17:02+00:00", generator: { date: "2024-12-13T14:17:02+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:8823", initial_release_date: "2024-11-04T20:13:37+00:00", revision_history: [ { date: "2024-11-04T20:13:37+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-04T20:13:37+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-13T14:17:02+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 8", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_id: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", }, product_reference: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, ], }, vulnerabilities: [ { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-4029", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278615", }, ], notes: [ { category: "description", text: "A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4029", }, { category: "external", summary: "RHBZ#2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4029", url: "https://www.cve.org/CVERecord?id=CVE-2024-4029", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", }, ], release_date: "2024-05-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "workaround", details: "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", }, { acknowledgments: [ { names: [ "Tanner Emek", ], }, ], cve: "CVE-2024-8698", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2024-09-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311641", }, ], notes: [ { category: "description", text: "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak's signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8698", }, { category: "external", summary: "RHBZ#2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8698", url: "https://www.cve.org/CVERecord?id=CVE-2024-8698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", }, ], release_date: "2024-09-19T15:12:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", }, { acknowledgments: [ { names: [ "Niklas Conrad", "Karsten Meyer zu Selhausen", ], }, ], cve: "CVE-2024-8883", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2024-09-16T06:17:01.573000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312511", }, ], notes: [ { category: "description", text: "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", title: "Vulnerability description", }, { category: "summary", text: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8883", }, { category: "external", summary: "RHBZ#2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8883", url: "https://www.cve.org/CVERecord?id=CVE-2024-8883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", }, { category: "external", summary: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", url: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", }, ], release_date: "2024-09-19T15:13:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, ], }
RHSA-2024:8826
Vulnerability from csaf_redhat
Published
2024-11-04 20:56
Modified
2025-03-05 22:44
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated
this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated\nthis update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8826", url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "JBEAP-24945", url: "https://issues.redhat.com/browse/JBEAP-24945", }, { category: "external", summary: "JBEAP-25035", url: "https://issues.redhat.com/browse/JBEAP-25035", }, { category: "external", summary: "JBEAP-27002", url: "https://issues.redhat.com/browse/JBEAP-27002", }, { category: "external", summary: "JBEAP-27194", url: "https://issues.redhat.com/browse/JBEAP-27194", }, { category: "external", summary: "JBEAP-27276", url: "https://issues.redhat.com/browse/JBEAP-27276", }, { category: "external", summary: "JBEAP-27293", url: "https://issues.redhat.com/browse/JBEAP-27293", }, { category: "external", summary: "JBEAP-27392", url: "https://issues.redhat.com/browse/JBEAP-27392", }, { category: "external", summary: "JBEAP-27543", url: "https://issues.redhat.com/browse/JBEAP-27543", }, { category: "external", summary: "JBEAP-27585", url: "https://issues.redhat.com/browse/JBEAP-27585", }, { category: "external", summary: "JBEAP-27643", url: "https://issues.redhat.com/browse/JBEAP-27643", }, { category: "external", summary: "JBEAP-27659", url: "https://issues.redhat.com/browse/JBEAP-27659", }, { category: "external", summary: "JBEAP-27688", url: "https://issues.redhat.com/browse/JBEAP-27688", }, { category: "external", summary: "JBEAP-27694", url: "https://issues.redhat.com/browse/JBEAP-27694", }, { category: "external", summary: "JBEAP-27957", url: "https://issues.redhat.com/browse/JBEAP-27957", }, { category: "external", summary: "JBEAP-28057", url: "https://issues.redhat.com/browse/JBEAP-28057", }, { category: "external", summary: "JBEAP-28278", url: "https://issues.redhat.com/browse/JBEAP-28278", }, { category: "external", summary: "JBEAP-28289", url: "https://issues.redhat.com/browse/JBEAP-28289", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8826.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", tracking: { current_release_date: "2025-03-05T22:44:59+00:00", generator: { date: "2025-03-05T22:44:59+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.0", }, }, id: "RHSA-2024:8826", initial_release_date: "2024-11-04T20:56:02+00:00", revision_history: [ { date: "2024-11-04T20:56:02+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-04T20:56:02+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-05T22:44:59+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 8", product: { name: "Red Hat JBoss Enterprise Application Platform 8", product_id: "Red Hat JBoss Enterprise Application Platform 8", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-4029", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278615", }, ], notes: [ { category: "description", text: "A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4029", }, { category: "external", summary: "RHBZ#2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4029", url: "https://www.cve.org/CVERecord?id=CVE-2024-4029", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", }, ], release_date: "2024-05-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "workaround", details: "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", }, { acknowledgments: [ { names: [ "Tanner Emek", ], }, ], cve: "CVE-2024-8698", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2024-09-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311641", }, ], notes: [ { category: "description", text: "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak's signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8698", }, { category: "external", summary: "RHBZ#2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8698", url: "https://www.cve.org/CVERecord?id=CVE-2024-8698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", }, ], release_date: "2024-09-19T15:12:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", }, { acknowledgments: [ { names: [ "Niklas Conrad", "Karsten Meyer zu Selhausen", ], }, ], cve: "CVE-2024-8883", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2024-09-16T06:17:01.573000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312511", }, ], notes: [ { category: "description", text: "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", title: "Vulnerability description", }, { category: "summary", text: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8883", }, { category: "external", summary: "RHBZ#2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8883", url: "https://www.cve.org/CVERecord?id=CVE-2024-8883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", }, { category: "external", summary: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", url: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", }, ], release_date: "2024-09-19T15:13:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, ], }
rhsa-2024:7052
Vulnerability from csaf_redhat
Published
2024-09-24 12:51
Modified
2025-03-31 12:37
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA)
Notes
Topic
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.
Details
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in
* CVE-2024-8391 io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size
* CVE-2024-8391 io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size
* CVE-2024-32007 org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE
* CVE-2024-41172 org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients
* CVE-2024-35255 com.azure/azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.", title: "Topic", }, { category: "general", text: "An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:\n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in \n* CVE-2024-8391 io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size\n* CVE-2024-8391 io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size\n* CVE-2024-32007 org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE\n* CVE-2024-41172 org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients\n* CVE-2024-35255 com.azure/azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7052", url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-45294", url: "https://access.redhat.com/security/cve/CVE-2024-45294", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-8391", url: "https://access.redhat.com/security/cve/CVE-2024-8391", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-32007", url: "https://access.redhat.com/security/cve/CVE-2024-32007", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-41172", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-35255", url: "https://access.redhat.com/security/cve/CVE-2024-35255", }, { category: "external", summary: "2295081", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295081", }, { category: "external", summary: "2298828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298828", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "2310447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310447", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7052.json", }, ], title: "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA)", tracking: { current_release_date: "2025-03-31T12:37:28+00:00", generator: { date: "2025-03-31T12:37:28+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7052", initial_release_date: "2024-09-24T12:51:36+00:00", revision_history: [ { date: "2024-09-24T12:51:36+00:00", number: "1", summary: "Initial version", }, { date: "2024-09-24T12:51:36+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-31T12:37:28+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Apache Camel 4 for Quarkus 3", product: { name: "Red Hat build of Apache Camel 4 for Quarkus 3", product_id: "Red Hat build of Apache Camel 4 for Quarkus 3", product_identification_helper: { cpe: "cpe:/a:redhat:camel_quarkus:3.8", }, }, }, ], category: "product_family", name: "Red Hat Build of Apache Camel", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8391", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-09-04T16:20:44.762419+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309758", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8391", }, { category: "external", summary: "RHBZ#2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8391", url: "https://www.cve.org/CVERecord?id=CVE-2024-8391", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", }, { category: "external", summary: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", url: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", }, { category: "external", summary: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", url: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", }, ], release_date: "2024-09-04T16:15:09.253000+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", }, { cve: "CVE-2024-32007", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-07-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298828", }, ], notes: [ { category: "description", text: "An improper input validation vulnerability was found in the p2c parameter in the Apache CXF JOSE. This flaw allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE", title: "Vulnerability summary", }, { category: "other", text: "The improper input validation vulnerability in the p2c parameter of Apache CXF JOSE is considered a moderate severity issue rather than a important one due to its limited scope and impact. While the flaw allows an attacker to specify a large value for the p2c parameter, leading to potential denial of service (DoS) attacks by causing excessive computational overhead, it does not compromise data integrity, confidentiality, or authentication mechanisms directly. The attack vector primarily affects system availability and exploiting this vulnerability requires the ability to send crafted tokens.\n\nBase EAP (7.4 and 8) and EAP XP (4 and 5) do not ship this affected CXF jaxrs artifact. cxf-rt-rs-security-jose is part of CXF's JAX-RS, and EAP uses RESTEasy, hence it's not-affected.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32007", }, { category: "external", summary: "RHBZ#2298828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298828", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32007", url: "https://www.cve.org/CVERecord?id=CVE-2024-32007", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32007", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32007", }, { category: "external", summary: "https://github.com/advisories/GHSA-6pff-fmh2-4mmf", url: "https://github.com/advisories/GHSA-6pff-fmh2-4mmf", }, { category: "external", summary: "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633", url: "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE", }, { cve: "CVE-2024-35255", discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295081", }, ], notes: [ { category: "description", text: "A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library (MSAL). The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privilege escalation, allowing attackers to gain unauthorized access to sensitive information. The vulnerability affects multiple versions of these libraries across various programming languages, including Java, .NET, Node.js, Python, JavaScript, C++, and Go. Microsoft has addressed this issue by releasing updated versions of the affected libraries. Users are strongly advised to upgrade to these patched versions to mitigate potential security risks.", title: "Vulnerability description", }, { category: "summary", text: "azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35255", }, { category: "external", summary: "RHBZ#2295081", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295081", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35255", url: "https://www.cve.org/CVERecord?id=CVE-2024-35255", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35255", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35255", }, { category: "external", summary: "https://github.com/Azure/azure-sdk-for-go/commit/50774cd9709905523136fb05e8c85a50e8984499", url: "https://github.com/Azure/azure-sdk-for-go/commit/50774cd9709905523136fb05e8c85a50e8984499", }, { category: "external", summary: "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4806#issuecomment-2178960340", url: "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4806#issuecomment-2178960340", }, { category: "external", summary: "https://github.com/advisories/GHSA-m5vv-6r4h-3vj9", url: "https://github.com/advisories/GHSA-m5vv-6r4h-3vj9", }, { category: "external", summary: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35255", url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35255", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, { cve: "CVE-2024-45294", cwe: { id: "CWE-611", name: "Improper Restriction of XML External Entity Reference", }, discovery_date: "2024-09-06T16:20:11.403869+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310447", }, ], notes: [ { category: "description", text: "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.", title: "Vulnerability description", }, { category: "summary", text: "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45294", }, { category: "external", summary: "RHBZ#2310447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310447", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45294", url: "https://www.cve.org/CVERecord?id=CVE-2024-45294", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45294", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45294", }, { category: "external", summary: "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23", url: "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23", }, { category: "external", summary: "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf", url: "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf", }, ], release_date: "2024-09-06T16:15:03.300000+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`", }, ], }
rhsa-2024_8824
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2024-12-13 14:15
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8824", url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "JBEAP-24945", url: "https://issues.redhat.com/browse/JBEAP-24945", }, { category: "external", summary: "JBEAP-25035", url: "https://issues.redhat.com/browse/JBEAP-25035", }, { category: "external", summary: "JBEAP-27002", url: "https://issues.redhat.com/browse/JBEAP-27002", }, { category: "external", summary: "JBEAP-27194", url: "https://issues.redhat.com/browse/JBEAP-27194", }, { category: "external", summary: "JBEAP-27248", url: "https://issues.redhat.com/browse/JBEAP-27248", }, { category: "external", summary: "JBEAP-27276", url: "https://issues.redhat.com/browse/JBEAP-27276", }, { category: "external", summary: "JBEAP-27293", url: "https://issues.redhat.com/browse/JBEAP-27293", }, { category: "external", summary: "JBEAP-27392", url: "https://issues.redhat.com/browse/JBEAP-27392", }, { category: "external", summary: "JBEAP-27543", url: "https://issues.redhat.com/browse/JBEAP-27543", }, { category: "external", summary: "JBEAP-27585", url: "https://issues.redhat.com/browse/JBEAP-27585", }, { category: "external", summary: "JBEAP-27643", url: "https://issues.redhat.com/browse/JBEAP-27643", }, { category: "external", summary: "JBEAP-27659", url: "https://issues.redhat.com/browse/JBEAP-27659", }, { category: "external", summary: "JBEAP-27688", url: "https://issues.redhat.com/browse/JBEAP-27688", }, { category: "external", summary: "JBEAP-27694", url: "https://issues.redhat.com/browse/JBEAP-27694", }, { category: "external", summary: "JBEAP-27957", url: "https://issues.redhat.com/browse/JBEAP-27957", }, { category: "external", summary: "JBEAP-28057", url: "https://issues.redhat.com/browse/JBEAP-28057", }, { category: "external", summary: "JBEAP-28278", url: "https://issues.redhat.com/browse/JBEAP-28278", }, { category: "external", summary: "JBEAP-28289", url: "https://issues.redhat.com/browse/JBEAP-28289", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8824.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", tracking: { current_release_date: "2024-12-13T14:15:19+00:00", generator: { date: "2024-12-13T14:15:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:8824", initial_release_date: "2024-11-04T20:13:24+00:00", revision_history: [ { date: "2024-11-04T20:13:24+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-04T20:13:24+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-13T14:15:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 9", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_id: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", }, product_reference: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, ], }, vulnerabilities: [ { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-4029", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278615", }, ], notes: [ { category: "description", text: "A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4029", }, { category: "external", summary: "RHBZ#2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4029", url: "https://www.cve.org/CVERecord?id=CVE-2024-4029", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", }, ], release_date: "2024-05-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "workaround", details: "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", }, { acknowledgments: [ { names: [ "Tanner Emek", ], }, ], cve: "CVE-2024-8698", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2024-09-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311641", }, ], notes: [ { category: "description", text: "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak's signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8698", }, { category: "external", summary: "RHBZ#2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8698", url: "https://www.cve.org/CVERecord?id=CVE-2024-8698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", }, ], release_date: "2024-09-19T15:12:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", }, { acknowledgments: [ { names: [ "Niklas Conrad", "Karsten Meyer zu Selhausen", ], }, ], cve: "CVE-2024-8883", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2024-09-16T06:17:01.573000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312511", }, ], notes: [ { category: "description", text: "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", title: "Vulnerability description", }, { category: "summary", text: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8883", }, { category: "external", summary: "RHBZ#2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8883", url: "https://www.cve.org/CVERecord?id=CVE-2024-8883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", }, { category: "external", summary: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", url: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", }, ], release_date: "2024-09-19T15:13:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, ], }
rhsa-2024:8823
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2025-03-05 22:44
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8823", url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "JBEAP-24945", url: "https://issues.redhat.com/browse/JBEAP-24945", }, { category: "external", summary: "JBEAP-25035", url: "https://issues.redhat.com/browse/JBEAP-25035", }, { category: "external", summary: "JBEAP-27002", url: "https://issues.redhat.com/browse/JBEAP-27002", }, { category: "external", summary: "JBEAP-27194", url: "https://issues.redhat.com/browse/JBEAP-27194", }, { category: "external", summary: "JBEAP-27247", url: "https://issues.redhat.com/browse/JBEAP-27247", }, { category: "external", summary: "JBEAP-27276", url: "https://issues.redhat.com/browse/JBEAP-27276", }, { category: "external", summary: "JBEAP-27293", url: "https://issues.redhat.com/browse/JBEAP-27293", }, { category: "external", summary: "JBEAP-27392", url: "https://issues.redhat.com/browse/JBEAP-27392", }, { category: "external", summary: "JBEAP-27543", url: "https://issues.redhat.com/browse/JBEAP-27543", }, { category: "external", summary: "JBEAP-27585", url: "https://issues.redhat.com/browse/JBEAP-27585", }, { category: "external", summary: "JBEAP-27643", url: "https://issues.redhat.com/browse/JBEAP-27643", }, { category: "external", summary: "JBEAP-27659", url: "https://issues.redhat.com/browse/JBEAP-27659", }, { category: "external", summary: "JBEAP-27688", url: "https://issues.redhat.com/browse/JBEAP-27688", }, { category: "external", summary: "JBEAP-27694", url: "https://issues.redhat.com/browse/JBEAP-27694", }, { category: "external", summary: "JBEAP-27957", url: "https://issues.redhat.com/browse/JBEAP-27957", }, { category: "external", summary: "JBEAP-28057", url: "https://issues.redhat.com/browse/JBEAP-28057", }, { category: "external", summary: "JBEAP-28278", url: "https://issues.redhat.com/browse/JBEAP-28278", }, { category: "external", summary: "JBEAP-28289", url: "https://issues.redhat.com/browse/JBEAP-28289", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8823.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", tracking: { current_release_date: "2025-03-05T22:44:45+00:00", generator: { date: "2025-03-05T22:44:45+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.0", }, }, id: "RHSA-2024:8823", initial_release_date: "2024-11-04T20:13:37+00:00", revision_history: [ { date: "2024-11-04T20:13:37+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-04T20:13:37+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-05T22:44:45+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 8", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_id: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", }, product_reference: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, ], }, vulnerabilities: [ { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-4029", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278615", }, ], notes: [ { category: "description", text: "A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4029", }, { category: "external", summary: "RHBZ#2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4029", url: "https://www.cve.org/CVERecord?id=CVE-2024-4029", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", }, ], release_date: "2024-05-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "workaround", details: "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", }, { acknowledgments: [ { names: [ "Tanner Emek", ], }, ], cve: "CVE-2024-8698", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2024-09-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311641", }, ], notes: [ { category: "description", text: "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak's signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8698", }, { category: "external", summary: "RHBZ#2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8698", url: "https://www.cve.org/CVERecord?id=CVE-2024-8698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", }, ], release_date: "2024-09-19T15:12:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", }, { acknowledgments: [ { names: [ "Niklas Conrad", "Karsten Meyer zu Selhausen", ], }, ], cve: "CVE-2024-8883", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2024-09-16T06:17:01.573000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312511", }, ], notes: [ { category: "description", text: "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", title: "Vulnerability description", }, { category: "summary", text: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8883", }, { category: "external", summary: "RHBZ#2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8883", url: "https://www.cve.org/CVERecord?id=CVE-2024-8883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", }, { category: "external", summary: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", url: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", }, ], release_date: "2024-09-19T15:13:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, ], }
rhsa-2024:8826
Vulnerability from csaf_redhat
Published
2024-11-04 20:56
Modified
2025-03-05 22:44
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated
this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated\nthis update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8826", url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "JBEAP-24945", url: "https://issues.redhat.com/browse/JBEAP-24945", }, { category: "external", summary: "JBEAP-25035", url: "https://issues.redhat.com/browse/JBEAP-25035", }, { category: "external", summary: "JBEAP-27002", url: "https://issues.redhat.com/browse/JBEAP-27002", }, { category: "external", summary: "JBEAP-27194", url: "https://issues.redhat.com/browse/JBEAP-27194", }, { category: "external", summary: "JBEAP-27276", url: "https://issues.redhat.com/browse/JBEAP-27276", }, { category: "external", summary: "JBEAP-27293", url: "https://issues.redhat.com/browse/JBEAP-27293", }, { category: "external", summary: "JBEAP-27392", url: "https://issues.redhat.com/browse/JBEAP-27392", }, { category: "external", summary: "JBEAP-27543", url: "https://issues.redhat.com/browse/JBEAP-27543", }, { category: "external", summary: "JBEAP-27585", url: "https://issues.redhat.com/browse/JBEAP-27585", }, { category: "external", summary: "JBEAP-27643", url: "https://issues.redhat.com/browse/JBEAP-27643", }, { category: "external", summary: "JBEAP-27659", url: "https://issues.redhat.com/browse/JBEAP-27659", }, { category: "external", summary: "JBEAP-27688", url: "https://issues.redhat.com/browse/JBEAP-27688", }, { category: "external", summary: "JBEAP-27694", url: "https://issues.redhat.com/browse/JBEAP-27694", }, { category: "external", summary: "JBEAP-27957", url: "https://issues.redhat.com/browse/JBEAP-27957", }, { category: "external", summary: "JBEAP-28057", url: "https://issues.redhat.com/browse/JBEAP-28057", }, { category: "external", summary: "JBEAP-28278", url: "https://issues.redhat.com/browse/JBEAP-28278", }, { category: "external", summary: "JBEAP-28289", url: "https://issues.redhat.com/browse/JBEAP-28289", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8826.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", tracking: { current_release_date: "2025-03-05T22:44:59+00:00", generator: { date: "2025-03-05T22:44:59+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.0", }, }, id: "RHSA-2024:8826", initial_release_date: "2024-11-04T20:56:02+00:00", revision_history: [ { date: "2024-11-04T20:56:02+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-04T20:56:02+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-05T22:44:59+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 8", product: { name: "Red Hat JBoss Enterprise Application Platform 8", product_id: "Red Hat JBoss Enterprise Application Platform 8", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-4029", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278615", }, ], notes: [ { category: "description", text: "A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4029", }, { category: "external", summary: "RHBZ#2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4029", url: "https://www.cve.org/CVERecord?id=CVE-2024-4029", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", }, ], release_date: "2024-05-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "workaround", details: "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", }, { acknowledgments: [ { names: [ "Tanner Emek", ], }, ], cve: "CVE-2024-8698", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2024-09-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311641", }, ], notes: [ { category: "description", text: "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak's signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8698", }, { category: "external", summary: "RHBZ#2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8698", url: "https://www.cve.org/CVERecord?id=CVE-2024-8698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", }, ], release_date: "2024-09-19T15:12:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", }, { acknowledgments: [ { names: [ "Niklas Conrad", "Karsten Meyer zu Selhausen", ], }, ], cve: "CVE-2024-8883", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2024-09-16T06:17:01.573000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312511", }, ], notes: [ { category: "description", text: "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", title: "Vulnerability description", }, { category: "summary", text: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8883", }, { category: "external", summary: "RHBZ#2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8883", url: "https://www.cve.org/CVERecord?id=CVE-2024-8883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", }, { category: "external", summary: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", url: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", }, ], release_date: "2024-09-19T15:13:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, ], }
RHSA-2024:8823
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2025-03-05 22:44
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8823", url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "JBEAP-24945", url: "https://issues.redhat.com/browse/JBEAP-24945", }, { category: "external", summary: "JBEAP-25035", url: "https://issues.redhat.com/browse/JBEAP-25035", }, { category: "external", summary: "JBEAP-27002", url: "https://issues.redhat.com/browse/JBEAP-27002", }, { category: "external", summary: "JBEAP-27194", url: "https://issues.redhat.com/browse/JBEAP-27194", }, { category: "external", summary: "JBEAP-27247", url: "https://issues.redhat.com/browse/JBEAP-27247", }, { category: "external", summary: "JBEAP-27276", url: "https://issues.redhat.com/browse/JBEAP-27276", }, { category: "external", summary: "JBEAP-27293", url: "https://issues.redhat.com/browse/JBEAP-27293", }, { category: "external", summary: "JBEAP-27392", url: "https://issues.redhat.com/browse/JBEAP-27392", }, { category: "external", summary: "JBEAP-27543", url: "https://issues.redhat.com/browse/JBEAP-27543", }, { category: "external", summary: "JBEAP-27585", url: "https://issues.redhat.com/browse/JBEAP-27585", }, { category: "external", summary: "JBEAP-27643", url: "https://issues.redhat.com/browse/JBEAP-27643", }, { category: "external", summary: "JBEAP-27659", url: "https://issues.redhat.com/browse/JBEAP-27659", }, { category: "external", summary: "JBEAP-27688", url: "https://issues.redhat.com/browse/JBEAP-27688", }, { category: "external", summary: "JBEAP-27694", url: "https://issues.redhat.com/browse/JBEAP-27694", }, { category: "external", summary: "JBEAP-27957", url: "https://issues.redhat.com/browse/JBEAP-27957", }, { category: "external", summary: "JBEAP-28057", url: "https://issues.redhat.com/browse/JBEAP-28057", }, { category: "external", summary: "JBEAP-28278", url: "https://issues.redhat.com/browse/JBEAP-28278", }, { category: "external", summary: "JBEAP-28289", url: "https://issues.redhat.com/browse/JBEAP-28289", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8823.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", tracking: { current_release_date: "2025-03-05T22:44:45+00:00", generator: { date: "2025-03-05T22:44:45+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.0", }, }, id: "RHSA-2024:8823", initial_release_date: "2024-11-04T20:13:37+00:00", revision_history: [ { date: "2024-11-04T20:13:37+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-04T20:13:37+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-05T22:44:45+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 8", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_id: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_id: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_id: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_id: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", }, product_reference: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", }, product_reference: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, ], }, vulnerabilities: [ { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-4029", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278615", }, ], notes: [ { category: "description", text: "A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4029", }, { category: "external", summary: "RHBZ#2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4029", url: "https://www.cve.org/CVERecord?id=CVE-2024-4029", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", }, ], release_date: "2024-05-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "workaround", details: "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", }, { acknowledgments: [ { names: [ "Tanner Emek", ], }, ], cve: "CVE-2024-8698", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2024-09-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311641", }, ], notes: [ { category: "description", text: "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak's signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8698", }, { category: "external", summary: "RHBZ#2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8698", url: "https://www.cve.org/CVERecord?id=CVE-2024-8698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", }, ], release_date: "2024-09-19T15:12:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", }, { acknowledgments: [ { names: [ "Niklas Conrad", "Karsten Meyer zu Selhausen", ], }, ], cve: "CVE-2024-8883", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2024-09-16T06:17:01.573000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312511", }, ], notes: [ { category: "description", text: "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", title: "Vulnerability description", }, { category: "summary", text: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8883", }, { category: "external", summary: "RHBZ#2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8883", url: "https://www.cve.org/CVERecord?id=CVE-2024-8883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", }, { category: "external", summary: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", url: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", }, ], release_date: "2024-09-19T15:13:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:37+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8823", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, ], }
rhsa-2024_8826
Vulnerability from csaf_redhat
Published
2024-11-04 20:56
Modified
2024-12-13 14:15
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated
this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated\nthis update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8826", url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "JBEAP-24945", url: "https://issues.redhat.com/browse/JBEAP-24945", }, { category: "external", summary: "JBEAP-25035", url: "https://issues.redhat.com/browse/JBEAP-25035", }, { category: "external", summary: "JBEAP-27002", url: "https://issues.redhat.com/browse/JBEAP-27002", }, { category: "external", summary: "JBEAP-27194", url: "https://issues.redhat.com/browse/JBEAP-27194", }, { category: "external", summary: "JBEAP-27276", url: "https://issues.redhat.com/browse/JBEAP-27276", }, { category: "external", summary: "JBEAP-27293", url: "https://issues.redhat.com/browse/JBEAP-27293", }, { category: "external", summary: "JBEAP-27392", url: "https://issues.redhat.com/browse/JBEAP-27392", }, { category: "external", summary: "JBEAP-27543", url: "https://issues.redhat.com/browse/JBEAP-27543", }, { category: "external", summary: "JBEAP-27585", url: "https://issues.redhat.com/browse/JBEAP-27585", }, { category: "external", summary: "JBEAP-27643", url: "https://issues.redhat.com/browse/JBEAP-27643", }, { category: "external", summary: "JBEAP-27659", url: "https://issues.redhat.com/browse/JBEAP-27659", }, { category: "external", summary: "JBEAP-27688", url: "https://issues.redhat.com/browse/JBEAP-27688", }, { category: "external", summary: "JBEAP-27694", url: "https://issues.redhat.com/browse/JBEAP-27694", }, { category: "external", summary: "JBEAP-27957", url: "https://issues.redhat.com/browse/JBEAP-27957", }, { category: "external", summary: "JBEAP-28057", url: "https://issues.redhat.com/browse/JBEAP-28057", }, { category: "external", summary: "JBEAP-28278", url: "https://issues.redhat.com/browse/JBEAP-28278", }, { category: "external", summary: "JBEAP-28289", url: "https://issues.redhat.com/browse/JBEAP-28289", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8826.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", tracking: { current_release_date: "2024-12-13T14:15:31+00:00", generator: { date: "2024-12-13T14:15:31+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:8826", initial_release_date: "2024-11-04T20:56:02+00:00", revision_history: [ { date: "2024-11-04T20:56:02+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-04T20:56:02+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-13T14:15:31+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 8", product: { name: "Red Hat JBoss Enterprise Application Platform 8", product_id: "Red Hat JBoss Enterprise Application Platform 8", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-4029", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278615", }, ], notes: [ { category: "description", text: "A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4029", }, { category: "external", summary: "RHBZ#2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4029", url: "https://www.cve.org/CVERecord?id=CVE-2024-4029", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", }, ], release_date: "2024-05-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "workaround", details: "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", }, { acknowledgments: [ { names: [ "Tanner Emek", ], }, ], cve: "CVE-2024-8698", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2024-09-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311641", }, ], notes: [ { category: "description", text: "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak's signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8698", }, { category: "external", summary: "RHBZ#2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8698", url: "https://www.cve.org/CVERecord?id=CVE-2024-8698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", }, ], release_date: "2024-09-19T15:12:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", }, { acknowledgments: [ { names: [ "Niklas Conrad", "Karsten Meyer zu Selhausen", ], }, ], cve: "CVE-2024-8883", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2024-09-16T06:17:01.573000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312511", }, ], notes: [ { category: "description", text: "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", title: "Vulnerability description", }, { category: "summary", text: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8883", }, { category: "external", summary: "RHBZ#2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8883", url: "https://www.cve.org/CVERecord?id=CVE-2024-8883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", }, { category: "external", summary: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", url: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", }, ], release_date: "2024-09-19T15:13:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:56:02+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8826", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, ], }
RHSA-2024:7052
Vulnerability from csaf_redhat
Published
2024-09-24 12:51
Modified
2025-03-31 12:37
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA)
Notes
Topic
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.
Details
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in
* CVE-2024-8391 io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size
* CVE-2024-8391 io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size
* CVE-2024-32007 org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE
* CVE-2024-41172 org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients
* CVE-2024-35255 com.azure/azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.", title: "Topic", }, { category: "general", text: "An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:\n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in \n* CVE-2024-8391 io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size\n* CVE-2024-8391 io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size\n* CVE-2024-32007 org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE\n* CVE-2024-41172 org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients\n* CVE-2024-35255 com.azure/azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7052", url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-45294", url: "https://access.redhat.com/security/cve/CVE-2024-45294", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-8391", url: "https://access.redhat.com/security/cve/CVE-2024-8391", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-32007", url: "https://access.redhat.com/security/cve/CVE-2024-32007", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-41172", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-35255", url: "https://access.redhat.com/security/cve/CVE-2024-35255", }, { category: "external", summary: "2295081", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295081", }, { category: "external", summary: "2298828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298828", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "2310447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310447", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7052.json", }, ], title: "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA)", tracking: { current_release_date: "2025-03-31T12:37:28+00:00", generator: { date: "2025-03-31T12:37:28+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:7052", initial_release_date: "2024-09-24T12:51:36+00:00", revision_history: [ { date: "2024-09-24T12:51:36+00:00", number: "1", summary: "Initial version", }, { date: "2024-09-24T12:51:36+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-31T12:37:28+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Apache Camel 4 for Quarkus 3", product: { name: "Red Hat build of Apache Camel 4 for Quarkus 3", product_id: "Red Hat build of Apache Camel 4 for Quarkus 3", product_identification_helper: { cpe: "cpe:/a:redhat:camel_quarkus:3.8", }, }, }, ], category: "product_family", name: "Red Hat Build of Apache Camel", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8391", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-09-04T16:20:44.762419+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309758", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8391", }, { category: "external", summary: "RHBZ#2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8391", url: "https://www.cve.org/CVERecord?id=CVE-2024-8391", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", }, { category: "external", summary: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", url: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", }, { category: "external", summary: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", url: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", }, ], release_date: "2024-09-04T16:15:09.253000+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", }, { cve: "CVE-2024-32007", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-07-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298828", }, ], notes: [ { category: "description", text: "An improper input validation vulnerability was found in the p2c parameter in the Apache CXF JOSE. This flaw allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE", title: "Vulnerability summary", }, { category: "other", text: "The improper input validation vulnerability in the p2c parameter of Apache CXF JOSE is considered a moderate severity issue rather than a important one due to its limited scope and impact. While the flaw allows an attacker to specify a large value for the p2c parameter, leading to potential denial of service (DoS) attacks by causing excessive computational overhead, it does not compromise data integrity, confidentiality, or authentication mechanisms directly. The attack vector primarily affects system availability and exploiting this vulnerability requires the ability to send crafted tokens.\n\nBase EAP (7.4 and 8) and EAP XP (4 and 5) do not ship this affected CXF jaxrs artifact. cxf-rt-rs-security-jose is part of CXF's JAX-RS, and EAP uses RESTEasy, hence it's not-affected.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32007", }, { category: "external", summary: "RHBZ#2298828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298828", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32007", url: "https://www.cve.org/CVERecord?id=CVE-2024-32007", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32007", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32007", }, { category: "external", summary: "https://github.com/advisories/GHSA-6pff-fmh2-4mmf", url: "https://github.com/advisories/GHSA-6pff-fmh2-4mmf", }, { category: "external", summary: "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633", url: "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE", }, { cve: "CVE-2024-35255", discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295081", }, ], notes: [ { category: "description", text: "A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library (MSAL). The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privilege escalation, allowing attackers to gain unauthorized access to sensitive information. The vulnerability affects multiple versions of these libraries across various programming languages, including Java, .NET, Node.js, Python, JavaScript, C++, and Go. Microsoft has addressed this issue by releasing updated versions of the affected libraries. Users are strongly advised to upgrade to these patched versions to mitigate potential security risks.", title: "Vulnerability description", }, { category: "summary", text: "azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35255", }, { category: "external", summary: "RHBZ#2295081", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295081", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35255", url: "https://www.cve.org/CVERecord?id=CVE-2024-35255", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35255", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35255", }, { category: "external", summary: "https://github.com/Azure/azure-sdk-for-go/commit/50774cd9709905523136fb05e8c85a50e8984499", url: "https://github.com/Azure/azure-sdk-for-go/commit/50774cd9709905523136fb05e8c85a50e8984499", }, { category: "external", summary: "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4806#issuecomment-2178960340", url: "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4806#issuecomment-2178960340", }, { category: "external", summary: "https://github.com/advisories/GHSA-m5vv-6r4h-3vj9", url: "https://github.com/advisories/GHSA-m5vv-6r4h-3vj9", }, { category: "external", summary: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35255", url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35255", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, { cve: "CVE-2024-45294", cwe: { id: "CWE-611", name: "Improper Restriction of XML External Entity Reference", }, discovery_date: "2024-09-06T16:20:11.403869+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310447", }, ], notes: [ { category: "description", text: "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.", title: "Vulnerability description", }, { category: "summary", text: "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45294", }, { category: "external", summary: "RHBZ#2310447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310447", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45294", url: "https://www.cve.org/CVERecord?id=CVE-2024-45294", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45294", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45294", }, { category: "external", summary: "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23", url: "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23", }, { category: "external", summary: "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf", url: "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf", }, ], release_date: "2024-09-06T16:15:03.300000+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "Red Hat build of Apache Camel 4 for Quarkus 3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`", }, ], }
RHSA-2024:8824
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2025-03-05 22:44
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:8824", url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "JBEAP-24945", url: "https://issues.redhat.com/browse/JBEAP-24945", }, { category: "external", summary: "JBEAP-25035", url: "https://issues.redhat.com/browse/JBEAP-25035", }, { category: "external", summary: "JBEAP-27002", url: "https://issues.redhat.com/browse/JBEAP-27002", }, { category: "external", summary: "JBEAP-27194", url: "https://issues.redhat.com/browse/JBEAP-27194", }, { category: "external", summary: "JBEAP-27248", url: "https://issues.redhat.com/browse/JBEAP-27248", }, { category: "external", summary: "JBEAP-27276", url: "https://issues.redhat.com/browse/JBEAP-27276", }, { category: "external", summary: "JBEAP-27293", url: "https://issues.redhat.com/browse/JBEAP-27293", }, { category: "external", summary: "JBEAP-27392", url: "https://issues.redhat.com/browse/JBEAP-27392", }, { category: "external", summary: "JBEAP-27543", url: "https://issues.redhat.com/browse/JBEAP-27543", }, { category: "external", summary: "JBEAP-27585", url: "https://issues.redhat.com/browse/JBEAP-27585", }, { category: "external", summary: "JBEAP-27643", url: "https://issues.redhat.com/browse/JBEAP-27643", }, { category: "external", summary: "JBEAP-27659", url: "https://issues.redhat.com/browse/JBEAP-27659", }, { category: "external", summary: "JBEAP-27688", url: "https://issues.redhat.com/browse/JBEAP-27688", }, { category: "external", summary: "JBEAP-27694", url: "https://issues.redhat.com/browse/JBEAP-27694", }, { category: "external", summary: "JBEAP-27957", url: "https://issues.redhat.com/browse/JBEAP-27957", }, { category: "external", summary: "JBEAP-28057", url: "https://issues.redhat.com/browse/JBEAP-28057", }, { category: "external", summary: "JBEAP-28278", url: "https://issues.redhat.com/browse/JBEAP-28278", }, { category: "external", summary: "JBEAP-28289", url: "https://issues.redhat.com/browse/JBEAP-28289", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8824.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", tracking: { current_release_date: "2025-03-05T22:44:31+00:00", generator: { date: "2025-03-05T22:44:31+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.0", }, }, id: "RHSA-2024:8824", initial_release_date: "2024-11-04T20:13:24+00:00", revision_history: [ { date: "2024-11-04T20:13:24+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-04T20:13:24+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-05T22:44:31+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 9", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src&epoch=1", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", product_id: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_id: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", product: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", product_id: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", product: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", product_id: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", product: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", product_id: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", product: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", product_id: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", product: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", product_id: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_id: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", product: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", product_id: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_id: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", product: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", product_id: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", product: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", product_id: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_id: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_id: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", }, product_reference: "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", }, product_reference: "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", }, product_reference: "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", }, product_reference: "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", }, product_reference: "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", }, product_reference: "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", }, product_reference: "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", }, product_reference: "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", }, product_reference: "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", }, product_reference: "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", }, product_reference: "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", }, product_reference: "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", }, product_reference: "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", }, product_reference: "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", }, product_reference: "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", }, product_reference: "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", }, product_reference: "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", }, product_reference: "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", }, product_reference: "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", }, product_reference: "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, ], }, vulnerabilities: [ { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-4029", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278615", }, ], notes: [ { category: "description", text: "A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", title: "Vulnerability description", }, { category: "summary", text: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4029", }, { category: "external", summary: "RHBZ#2278615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4029", url: "https://www.cve.org/CVERecord?id=CVE-2024-4029", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", }, ], release_date: "2024-05-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "workaround", details: "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", }, { acknowledgments: [ { names: [ "Tanner Emek", ], }, ], cve: "CVE-2024-8698", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2024-09-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2311641", }, ], notes: [ { category: "description", text: "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", title: "Vulnerability description", }, { category: "summary", text: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak's signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8698", }, { category: "external", summary: "RHBZ#2311641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2311641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8698", url: "https://www.cve.org/CVERecord?id=CVE-2024-8698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", }, ], release_date: "2024-09-19T15:12:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", }, { acknowledgments: [ { names: [ "Niklas Conrad", "Karsten Meyer zu Selhausen", ], }, ], cve: "CVE-2024-8883", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2024-09-16T06:17:01.573000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2312511", }, ], notes: [ { category: "description", text: "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", title: "Vulnerability description", }, { category: "summary", text: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8883", }, { category: "external", summary: "RHBZ#2312511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2312511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8883", url: "https://www.cve.org/CVERecord?id=CVE-2024-8883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", }, { category: "external", summary: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", url: "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", }, ], release_date: "2024-09-19T15:13:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-04T20:13:24+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:8824", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, ], }
rhsa-2024_7052
Vulnerability from csaf_redhat
Published
2024-09-24 12:51
Modified
2024-12-17 14:23
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA)
Notes
Topic
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.
Details
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in
* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in
* CVE-2024-8391 io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size
* CVE-2024-8391 io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size
* CVE-2024-32007 org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE
* CVE-2024-41172 org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients
* CVE-2024-35255 com.azure/azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.", title: "Topic", }, { category: "general", text: "An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA).\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:\n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in \n* CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in \n* CVE-2024-8391 io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size\n* CVE-2024-8391 io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size\n* CVE-2024-32007 org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE\n* CVE-2024-41172 org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients\n* CVE-2024-35255 com.azure/azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:7052", url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-45294", url: "https://access.redhat.com/security/cve/CVE-2024-45294", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-8391", url: "https://access.redhat.com/security/cve/CVE-2024-8391", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-32007", url: "https://access.redhat.com/security/cve/CVE-2024-32007", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-41172", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-35255", url: "https://access.redhat.com/security/cve/CVE-2024-35255", }, { category: "external", summary: "2295081", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295081", }, { category: "external", summary: "2298828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298828", }, { category: "external", summary: "2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "2310447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310447", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7052.json", }, ], title: "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA)", tracking: { current_release_date: "2024-12-17T14:23:49+00:00", generator: { date: "2024-12-17T14:23:49+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:7052", initial_release_date: "2024-09-24T12:51:36+00:00", revision_history: [ { date: "2024-09-24T12:51:36+00:00", number: "1", summary: "Initial version", }, { date: "2024-09-24T12:51:36+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T14:23:49+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Apache Camel for Quarkus", product: { name: "Red Hat build of Apache Camel for Quarkus", product_id: "Red Hat build of Apache Camel for Quarkus", product_identification_helper: { cpe: "cpe:/a:redhat:camel_quarkus:3.8", }, }, }, ], category: "product_family", name: "Red Hat Build of Apache Camel", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8391", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-09-04T16:20:44.762419+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309758", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel for Quarkus", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8391", }, { category: "external", summary: "RHBZ#2309758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309758", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8391", url: "https://www.cve.org/CVERecord?id=CVE-2024-8391", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8391", }, { category: "external", summary: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", url: "https://github.com/eclipse-vertx/vertx-grpc/issues/113", }, { category: "external", summary: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", url: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31", }, ], release_date: "2024-09-04T16:15:09.253000+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel for Quarkus", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat build of Apache Camel for Quarkus", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat build of Apache Camel for Quarkus", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size", }, { cve: "CVE-2024-32007", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-07-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298828", }, ], notes: [ { category: "description", text: "An improper input validation vulnerability was found in the p2c parameter in the Apache CXF JOSE. This flaw allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE", title: "Vulnerability summary", }, { category: "other", text: "The improper input validation vulnerability in the p2c parameter of Apache CXF JOSE is considered a moderate severity issue rather than a important one due to its limited scope and impact. While the flaw allows an attacker to specify a large value for the p2c parameter, leading to potential denial of service (DoS) attacks by causing excessive computational overhead, it does not compromise data integrity, confidentiality, or authentication mechanisms directly. The attack vector primarily affects system availability and exploiting this vulnerability requires the ability to send crafted tokens.\n\nBase EAP (7.4 and 8) and EAP XP (4 and 5) do not ship this affected CXF jaxrs artifact. cxf-rt-rs-security-jose is part of CXF's JAX-RS, and EAP uses RESTEasy, hence it's not-affected.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel for Quarkus", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32007", }, { category: "external", summary: "RHBZ#2298828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298828", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32007", url: "https://www.cve.org/CVERecord?id=CVE-2024-32007", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32007", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32007", }, { category: "external", summary: "https://github.com/advisories/GHSA-6pff-fmh2-4mmf", url: "https://github.com/advisories/GHSA-6pff-fmh2-4mmf", }, { category: "external", summary: "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633", url: "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel for Quarkus", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat build of Apache Camel for Quarkus", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat build of Apache Camel for Quarkus", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE", }, { cve: "CVE-2024-35255", discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295081", }, ], notes: [ { category: "description", text: "A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library (MSAL). The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privilege escalation, allowing attackers to gain unauthorized access to sensitive information. The vulnerability affects multiple versions of these libraries across various programming languages, including Java, .NET, Node.js, Python, JavaScript, C++, and Go. Microsoft has addressed this issue by releasing updated versions of the affected libraries. Users are strongly advised to upgrade to these patched versions to mitigate potential security risks.", title: "Vulnerability description", }, { category: "summary", text: "azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel for Quarkus", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35255", }, { category: "external", summary: "RHBZ#2295081", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295081", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35255", url: "https://www.cve.org/CVERecord?id=CVE-2024-35255", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35255", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35255", }, { category: "external", summary: "https://github.com/Azure/azure-sdk-for-go/commit/50774cd9709905523136fb05e8c85a50e8984499", url: "https://github.com/Azure/azure-sdk-for-go/commit/50774cd9709905523136fb05e8c85a50e8984499", }, { category: "external", summary: "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4806#issuecomment-2178960340", url: "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4806#issuecomment-2178960340", }, { category: "external", summary: "https://github.com/advisories/GHSA-m5vv-6r4h-3vj9", url: "https://github.com/advisories/GHSA-m5vv-6r4h-3vj9", }, { category: "external", summary: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35255", url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35255", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel for Quarkus", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Red Hat build of Apache Camel for Quarkus", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity", }, { cve: "CVE-2024-41172", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-07-19T09:20:34+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298829", }, ], notes: [ { category: "description", text: "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", title: "Vulnerability description", }, { category: "summary", text: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel for Quarkus", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-41172", }, { category: "external", summary: "RHBZ#2298829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-41172", url: "https://www.cve.org/CVERecord?id=CVE-2024-41172", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", }, { category: "external", summary: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", url: "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", }, { category: "external", summary: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { category: "external", summary: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", url: "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", }, ], release_date: "2024-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel for Quarkus", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat build of Apache Camel for Quarkus", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", }, { cve: "CVE-2024-45294", cwe: { id: "CWE-611", name: "Improper Restriction of XML External Entity Reference", }, discovery_date: "2024-09-06T16:20:11.403869+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310447", }, ], notes: [ { category: "description", text: "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.", title: "Vulnerability description", }, { category: "summary", text: "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Apache Camel for Quarkus", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45294", }, { category: "external", summary: "RHBZ#2310447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310447", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45294", url: "https://www.cve.org/CVERecord?id=CVE-2024-45294", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45294", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45294", }, { category: "external", summary: "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23", url: "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23", }, { category: "external", summary: "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf", url: "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf", }, ], release_date: "2024-09-06T16:15:03.300000+00:00", remediations: [ { category: "vendor_fix", date: "2024-09-24T12:51:36+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "Red Hat build of Apache Camel for Quarkus", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat build of Apache Camel for Quarkus", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "Red Hat build of Apache Camel for Quarkus", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`", }, ], }
wid-sec-w-2024-1678
Vulnerability from csaf_certbund
Published
2024-07-18 22:00
Modified
2024-11-17 23:00
Summary
Apache CXF: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache CXF ist ein Open Source-Web Service-Framework.
Angriff
Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Apache CXF ausnutzen, um Informationen offenzulegen oder einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme
- Linux
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Apache CXF ist ein Open Source-Web Service-Framework.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Apache CXF ausnutzen, um Informationen offenzulegen oder einen Denial-of-Service-Zustand zu erzeugen.", title: "Angriff", }, { category: "general", text: "- Linux\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1678 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1678.json", }, { category: "self", summary: "WID-SEC-2024-1678 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1678", }, { category: "external", summary: "Apache Security Advisory vom 2024-07-18", url: "https://cxf.apache.org/security-advisories.data/CVE-2024-29736.txt?version=1&modificationDate=1721314668000&api=v2", }, { category: "external", summary: "Apache Security Advisory vom 2024-07-18", url: "https://cxf.apache.org/security-advisories.data/CVE-2024-32007.txt?version=1&modificationDate=1721314761000&api=v2", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6508 vom 2024-09-10", url: "https://access.redhat.com/errata/RHSA-2024:6508", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6508 vom 2024-09-10", url: "https://rhn.redhat.com/errata/RHSA-2024:6508.html", }, { category: "external", summary: "Atlassian Security Bulletin - September 17 2024", url: "https://confluence.atlassian.com/security/security-bulletin-september-17-2024-1431249025.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6883 vom 2024-09-19", url: "https://access.redhat.com/errata/RHSA-2024:6883", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:7052 vom 2024-09-24", url: "https://access.redhat.com/errata/RHSA-2024:7052", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8823 vom 2024-11-04", url: "https://access.redhat.com/errata/RHSA-2024:8823", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8824 vom 2024-11-04", url: "https://access.redhat.com/errata/RHSA-2024:8824", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8826 vom 2024-11-04", url: "https://access.redhat.com/errata/RHSA-2024:8826", }, { category: "external", summary: "NetApp Security Advisory NTAP-20241115-0003 vom 2024-11-15", url: "https://security.netapp.com/advisory/ntap-20241115-0003/", }, ], source_lang: "en-US", title: "Apache CXF: Mehrere Schwachstellen", tracking: { current_release_date: "2024-11-17T23:00:00.000+00:00", generator: { date: "2024-11-18T10:04:48.186+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2024-1678", initial_release_date: "2024-07-18T22:00:00.000+00:00", revision_history: [ { date: "2024-07-18T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-09-09T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-17T22:00:00.000+00:00", number: "3", summary: "Neue Updates aufgenommen", }, { date: "2024-09-19T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-24T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-04T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-17T23:00:00.000+00:00", number: "7", summary: "Neue Updates von NetApp aufgenommen", }, ], status: "final", version: "7", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<3.5.9", product: { name: "Apache CXF <3.5.9", product_id: "T036367", }, }, { category: "product_version", name: "3.5.9", product: { name: "Apache CXF 3.5.9", product_id: "T036367-fixed", product_identification_helper: { cpe: "cpe:/a:apache:cxf:3.5.9", }, }, }, { category: "product_version_range", name: "<3.6.4", product: { name: "Apache CXF <3.6.4", product_id: "T036368", }, }, { category: "product_version", name: "3.6.4", product: { name: "Apache CXF 3.6.4", product_id: "T036368-fixed", product_identification_helper: { cpe: "cpe:/a:apache:cxf:3.6.4", }, }, }, { category: "product_version_range", name: "<4.0.5", product: { name: "Apache CXF <4.0.5", product_id: "T036369", }, }, { category: "product_version", name: "4.0.5", product: { name: "Apache CXF 4.0.5", product_id: "T036369-fixed", product_identification_helper: { cpe: "cpe:/a:apache:cxf:4.0.5", }, }, }, ], category: "product_name", name: "CXF", }, ], category: "vendor", name: "Apache", }, { branches: [ { branches: [ { category: "product_version_range", name: "<9.0.0", product: { name: "Atlassian Bitbucket <9.0.0", product_id: "T037684", }, }, { category: "product_version", name: "9.0.0", product: { name: "Atlassian Bitbucket 9.0.0", product_id: "T037684-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:bitbucket:9.0.0", }, }, }, { category: "product_version_range", name: "<8.9.19", product: { name: "Atlassian Bitbucket <8.9.19", product_id: "T037685", }, }, { category: "product_version", name: "8.9.19", product: { name: "Atlassian Bitbucket 8.9.19", product_id: "T037685-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:bitbucket:8.9.19", }, }, }, { category: "product_version_range", name: "<8.19.9", product: { name: "Atlassian Bitbucket <8.19.9", product_id: "T037686", }, }, { category: "product_version", name: "8.19.9", product: { name: "Atlassian Bitbucket 8.19.9", product_id: "T037686-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:bitbucket:8.19.9", }, }, }, ], category: "product_name", name: "Bitbucket", }, ], category: "vendor", name: "Atlassian", }, { branches: [ { category: "product_name", name: "NetApp ActiveIQ Unified Manager", product: { name: "NetApp ActiveIQ Unified Manager", product_id: "T034126", product_identification_helper: { cpe: "cpe:/a:netapp:active_iq_unified_manager:-", }, }, }, ], category: "vendor", name: "NetApp", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-29736", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in der WADL-Dienstbeschreibungsfunktion in Apache CXF aufgrund einer serverseitigen Anforderungsfälschung. Durch das Senden einer bösartigen Anfrage, die einen speziell gestalteten Stylesheet-Parameter enthält, kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um nicht autorisierte Anfragen an interne oder externe Dienste zu stellen und so eine Datenexfiltration durchzuführen.", }, ], product_status: { known_affected: [ "T034126", "67646", "T037686", "T036367", "T036368", "T036369", "T037684", "T037685", ], }, release_date: "2024-07-18T22:00:00.000+00:00", title: "CVE-2024-29736", }, { cve: "CVE-2024-32007", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apache CXF. Diese Fehler bestehen in den Komponenten Jose und HTTPClient aufgrund eines unkontrollierten Speicherverbrauchs und einer unsachgemäßen Eingabeneutralisierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T034126", "67646", "T037686", "T036367", "T036368", "T036369", "T037684", "T037685", ], }, release_date: "2024-07-18T22:00:00.000+00:00", title: "CVE-2024-32007", }, { cve: "CVE-2024-41172", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apache CXF. Diese Fehler bestehen in den Komponenten Jose und HTTPClient aufgrund eines unkontrollierten Speicherverbrauchs und einer unsachgemäßen Eingabeneutralisierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T034126", "67646", "T037686", "T036367", "T036368", "T036369", "T037684", "T037685", ], }, release_date: "2024-07-18T22:00:00.000+00:00", title: "CVE-2024-41172", }, ], }
fkie_cve-2024-41172
Vulnerability from fkie_nvd
Published
2024-07-19 09:15
Modified
2024-11-21 09:32
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*", matchCriteriaId: "7D6F6603-DD23-4DD5-8B90-0BAB0EB7E1D1", versionEndExcluding: "3.6.4", versionStartIncluding: "3.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*", matchCriteriaId: "ACAFECF5-75A5-4397-A588-F51D09717335", versionEndExcluding: "4.0.5", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory\n", }, { lang: "es", value: "En las versiones de Apache CXF anteriores a 3.6.4 y 4.0.5 (las versiones 3.5.x y inferiores no se ven afectadas), un conducto de cliente HTTP de CXF puede impedir que las instancias de HTTPClient se recopilen como basura y es posible que el consumo de memoria continúe aumentando eventualmente causando que la aplicación se quede sin memoria.", }, ], id: "CVE-2024-41172", lastModified: "2024-11-21T09:32:20.520", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-07-19T09:15:05.640", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/18/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240808-0008/", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "security@apache.org", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.