Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-2251 (GCVE-0-2025-2251)
Vulnerability from cvelistv5 – Published: 2025-04-07 14:06 – Updated: 2025-11-11 17:10
VLAI?
EPSS
Title
Org.jboss.eap:wildfly-ejb3: improper deserialization in jboss marshalling allows remote code execution
Summary
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.
Severity ?
6.2 (Medium)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Affected:
0 , < 36.0.0
(semver)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Red Hat would like to thank Pupi1 for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-07T14:18:34.200921Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-07T15:23:08.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.wildfly.org/",
"defaultStatus": "unaffected",
"packageName": "wildfly",
"versions": [
{
"lessThan": "36.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
],
"defaultStatus": "unaffected",
"packageName": "wildfly-ejb3",
"product": "Red Hat JBoss Enterprise Application Platform 7.4.23",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-activemq-artemis",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.16.0-21.redhat_00055.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-apache-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.10-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-artemis-native",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.0.2-5.redhat_00004.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-elytron-web",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.9.6-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-glassfish-jsf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.3.14-9.SP10_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-hal-console",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.27-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-hibernate-validator",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.23-3.SP2_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-ironjacamar",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.21-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-server-migration",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-42.Final_redhat_00042.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-jbossws-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.4.15-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:7.4.23-3.GA_redhat_00002.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-wildfly-elytron",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.15.26-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-activemq-artemis",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.16.0-21.redhat_00055.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-apache-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.10-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-artemis-native",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.0.2-5.redhat_00004.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-elytron-web",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.9.6-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-glassfish-jsf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.3.14-9.SP10_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-hal-console",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.27-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-hibernate-validator",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.23-3.SP2_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-ironjacamar",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.21-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-server-migration",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-42.Final_redhat_00042.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-jbossws-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.4.15-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:7.4.23-3.GA_redhat_00002.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-wildfly-elytron",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.15.26-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-activemq-artemis",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.16.0-21.redhat_00055.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-apache-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.10-1.redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-artemis-native",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.0.2-5.redhat_00004.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-elytron-web",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.9.6-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-glassfish-jsf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.3.14-9.SP10_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-hal-console",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.27-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-hibernate-validator",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.23-3.SP2_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-ironjacamar",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.21-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-server-migration",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-42.Final_redhat_00042.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-jbossws-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.4.15-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:7.4.23-3.GA_redhat_00002.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-wildfly-elytron",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.15.26-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "unaffected",
"packageName": "wildfly-ejb3",
"product": "Red Hat JBoss Enterprise Application Platform 8.0.8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-activemq-artemis",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.33.0-3.redhat_00017.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-beanutils",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.11.0-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.6-2.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-mime4j",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.8.12-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-eap-product-conf-parent",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:800.8.0-1.GA_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-elytron-web",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.3-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-fastinfoset",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.1.1-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-hal-console",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.24-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-hibernate",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.2.36-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-httpcomponents-asyncclient",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.1.5-4.redhat_00006.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-jboss-remoting",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.0.31-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-jbossws-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:7.3.3-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-narayana",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.6-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-neethi",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.2.1-1.redhat_00002.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-reactivex-rxjava2",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.2.21-3.redhat_00002.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-slf4j",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.17-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-velocity",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.3.0-4.redhat_00010.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.0.8-4.GA_redhat_00006.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-wildfly-elytron",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.2.11-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-activemq-artemis",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.33.0-3.redhat_00017.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-beanutils",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.11.0-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.6-2.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-mime4j",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.8.12-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-eap-product-conf-parent",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:800.8.0-1.GA_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-elytron-web",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.3-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-fastinfoset",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.1.1-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-hal-console",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.24-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-hibernate",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.2.36-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-httpcomponents-asyncclient",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.1.5-4.redhat_00006.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-jboss-remoting",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.0.31-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-jbossws-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:7.3.3-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-narayana",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.6-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-neethi",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.2.1-1.redhat_00002.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-reactivex-rxjava2",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.2.21-3.redhat_00002.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-slf4j",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.17-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-velocity",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.3.0-4.redhat_00010.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.0.8-4.GA_redhat_00006.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-wildfly-elytron",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.2.11-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"packageName": "wildfly-ejb3",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Pupi1 for reporting this issue."
}
],
"datePublic": "2025-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T17:10:22.089Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:10452",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"name": "RHSA-2025:10453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"name": "RHSA-2025:10459",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"name": "RHSA-2025:10924",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
},
{
"name": "RHSA-2025:10925",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
},
{
"name": "RHSA-2025:10926",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
},
{
"name": "RHSA-2025:10931",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"name": "RHBZ#2351678",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-12T13:33:14.782000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-04-07T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Org.jboss.eap:wildfly-ejb3: improper deserialization in jboss marshalling allows remote code execution",
"x_redhatCweChain": "CWE-502: Deserialization of Untrusted Data"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-2251",
"datePublished": "2025-04-07T14:06:46.985Z",
"dateReserved": "2025-03-12T13:53:37.117Z",
"dateUpdated": "2025-11-11T17:10:22.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-2251\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-04-07T14:15:24.400\",\"lastModified\":\"2025-07-14T20:15:26.890\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.\"},{\"lang\":\"es\",\"value\":\"Existe una falla de seguridad en WildFly y JBoss Enterprise Application Platform (EAP) dentro del mecanismo de invocaci\u00f3n remota de Enterprise JavaBeans (EJB). Esta vulnerabilidad se debe a la deserializaci\u00f3n de datos no confiables gestionada por JBoss Marshalling. Esta falla permite a un atacante enviar un objeto serializado especialmente manipulado, lo que provoca la ejecuci\u00f3n remota de c\u00f3digo sin necesidad de autenticaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.7,\"impactScore\":5.5}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10452\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10453\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10459\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10924\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10925\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10926\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10931\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-2251\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2351678\",\"source\":\"secalert@redhat.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-2251\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-07T14:18:34.200921Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-07T14:18:38.922Z\"}}], \"cna\": {\"title\": \"Org.jboss.eap:wildfly-ejb3: improper deserialization in jboss marshalling allows remote code execution\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Pupi1 for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"36.0.0\", \"versionType\": \"semver\"}], \"packageName\": \"wildfly\", \"collectionURL\": \"https://www.wildfly.org/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4.23\", \"packageName\": \"wildfly-ejb3\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.16.0-21.redhat_00055.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-activemq-artemis\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.5.10-1.redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-apache-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.0.2-5.redhat_00004.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-artemis-native\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.9.6-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-elytron-web\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.3.14-9.SP10_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-glassfish-jsf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.27-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-hal-console\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:6.0.23-3.SP2_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-hibernate-validator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.21-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-ironjacamar\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.10.0-42.Final_redhat_00042.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-jboss-server-migration\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:5.4.15-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-jbossws-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:7.4.23-3.GA_redhat_00002.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-wildfly\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.15.26-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.16.0-21.redhat_00055.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-activemq-artemis\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.5.10-1.redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-apache-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.0.2-5.redhat_00004.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-artemis-native\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.9.6-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-elytron-web\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.3.14-9.SP10_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-glassfish-jsf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.27-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-hal-console\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:6.0.23-3.SP2_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-hibernate-validator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.21-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-ironjacamar\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.10.0-42.Final_redhat_00042.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-jboss-server-migration\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:5.4.15-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-jbossws-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:7.4.23-3.GA_redhat_00002.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-wildfly\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.15.26-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.16.0-21.redhat_00055.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-activemq-artemis\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.5.10-1.redhat_00001.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-apache-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.0.2-5.redhat_00004.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-artemis-native\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.9.6-1.Final_redhat_00001.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-elytron-web\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.3.14-9.SP10_redhat_00001.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-glassfish-jsf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.27-1.Final_redhat_00001.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-hal-console\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:6.0.23-3.SP2_redhat_00001.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-hibernate-validator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.5.21-1.Final_redhat_00001.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-ironjacamar\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.10.0-42.Final_redhat_00042.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-jboss-server-migration\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:5.4.15-1.Final_redhat_00001.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-jbossws-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:7.4.23-3.GA_redhat_00002.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-wildfly\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.15.26-1.Final_redhat_00001.1.el7eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap7-wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0.8\", \"packageName\": \"wildfly-ejb3\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.33.0-3.redhat_00017.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-activemq-artemis\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.11.0-1.redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-apache-commons-beanutils\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.0.6-2.redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-apache-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.8.12-1.redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-apache-mime4j\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:800.8.0-1.GA_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-eap-product-conf-parent\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.0.3-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-elytron-web\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.1.1-1.redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-fastinfoset\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.6.24-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-hal-console\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:6.2.36-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-hibernate\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.1.5-4.redhat_00006.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-httpcomponents-asyncclient\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:5.0.31-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-jboss-remoting\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:7.3.3-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-jbossws-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:6.0.6-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-narayana\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.2.1-1.redhat_00002.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-neethi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.2.21-3.redhat_00002.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-reactivex-rxjava2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.0.17-1.redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-slf4j\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.3.0-4.redhat_00010.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-velocity\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.0.8-4.GA_redhat_00006.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-wildfly\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.2.11-1.Final_redhat_00001.1.el8eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.33.0-3.redhat_00017.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-activemq-artemis\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.11.0-1.redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-apache-commons-beanutils\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.0.6-2.redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-apache-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:0.8.12-1.redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-apache-mime4j\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:800.8.0-1.GA_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-eap-product-conf-parent\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.0.3-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-elytron-web\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.1.1-1.redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-fastinfoset\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.6.24-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-hal-console\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:6.2.36-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-hibernate\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:4.1.5-4.redhat_00006.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-httpcomponents-asyncclient\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:5.0.31-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-jboss-remoting\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:7.3.3-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-jbossws-cxf\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:6.0.6-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-narayana\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.2.1-1.redhat_00002.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-neethi\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.2.21-3.redhat_00002.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-reactivex-rxjava2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.0.17-1.redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-slf4j\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.3.0-4.redhat_00010.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-velocity\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.0.8-4.GA_redhat_00006.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-wildfly\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.2.11-1.Final_redhat_00001.1.el9eap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"eap8-wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jbosseapxp\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform Expansion Pack\", \"packageName\": \"wildfly-ejb3\", \"collectionURL\": \"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-03-12T13:33:14.782000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-04-07T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-04-07T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2025:10452\", \"name\": \"RHSA-2025:10452\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10453\", \"name\": \"RHSA-2025:10453\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10459\", \"name\": \"RHSA-2025:10459\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10924\", \"name\": \"RHSA-2025:10924\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10925\", \"name\": \"RHSA-2025:10925\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10926\", \"name\": \"RHSA-2025:10926\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10931\", \"name\": \"RHSA-2025:10931\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2025-2251\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2351678\", \"name\": \"RHBZ#2351678\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-11T17:10:22.089Z\"}, \"x_redhatCweChain\": \"CWE-502: Deserialization of Untrusted Data\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-2251\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-11T17:10:22.089Z\", \"dateReserved\": \"2025-03-12T13:53:37.117Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-04-07T14:06:46.985Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2025-0729
Vulnerability from csaf_certbund - Published: 2025-04-07 22:00 - Updated: 2025-04-07 22:00Summary
Red Hat JBoss Enterprise Application Platform und WildFly: Schwachstelle ermöglicht Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat JBoss Enterprise Application Platform und WildFly ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat JBoss Enterprise Application Platform und WildFly ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0729 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0729.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0729 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0729"
},
{
"category": "external",
"summary": "RedHat Customer Portal vom 2025-04-07",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2025-04-07",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2025-04-07",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"source_lang": "en-US",
"title": "Red Hat JBoss Enterprise Application Platform und WildFly: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2025-04-07T22:00:00.000+00:00",
"generator": {
"date": "2025-04-08T11:05:16.575+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0729",
"initial_release_date": "2025-04-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-04-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product_id": "T037784",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8"
}
}
},
{
"category": "product_version",
"name": "7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "T039954",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7"
}
}
},
{
"category": "product_version",
"name": "Expansion Pack",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"product_id": "T042206",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:expansion_pack"
}
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
},
{
"category": "product_name",
"name": "Red Hat WildFly",
"product": {
"name": "Red Hat WildFly",
"product_id": "T034506",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:wildfly:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-2251",
"product_status": {
"known_affected": [
"T034506",
"T042206",
"T039954",
"T037784"
]
},
"release_date": "2025-04-07T22:00:00.000+00:00",
"title": "CVE-2025-2251"
}
]
}
FKIE_CVE-2025-2251
Vulnerability from fkie_nvd - Published: 2025-04-07 14:15 - Updated: 2025-07-14 20:15
Severity ?
Summary
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication."
},
{
"lang": "es",
"value": "Existe una falla de seguridad en WildFly y JBoss Enterprise Application Platform (EAP) dentro del mecanismo de invocaci\u00f3n remota de Enterprise JavaBeans (EJB). Esta vulnerabilidad se debe a la deserializaci\u00f3n de datos no confiables gestionada por JBoss Marshalling. Esta falla permite a un atacante enviar un objeto serializado especialmente manipulado, lo que provoca la ejecuci\u00f3n remota de c\u00f3digo sin necesidad de autenticaci\u00f3n."
}
],
"id": "CVE-2025-2251",
"lastModified": "2025-07-14T20:15:26.890",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.5,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2025-04-07T14:15:24.400",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
RHSA-2025:10924
Vulnerability from csaf_redhat - Published: 2025-07-14 15:56 - Updated: 2026-02-11 12:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.22, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.23 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* hibernate-validator: Hibernate Validator Expression Language Injection [eap-7.4.z] (CVE-2025-35036)
* org.wildfly.core/wildfly-core-management-subsystem: Wildfly vulnerable to Cross-Site Scripting (XSS) [eap-7.4.z] (CVE-2024-10234)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-7.4.z] (CVE-2025-23184)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-7.4.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-7.4.z] (CVE-2025-2251)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.22, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.23 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* hibernate-validator: Hibernate Validator Expression Language Injection [eap-7.4.z] (CVE-2025-35036)\n\n* org.wildfly.core/wildfly-core-management-subsystem: Wildfly vulnerable to Cross-Site Scripting (XSS) [eap-7.4.z] (CVE-2024-10234)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-7.4.z] (CVE-2025-23184)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-7.4.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-7.4.z] (CVE-2025-2251)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10924",
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2320848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "2370118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370118"
},
{
"category": "external",
"summary": "JBEAP-28676",
"url": "https://issues.redhat.com/browse/JBEAP-28676"
},
{
"category": "external",
"summary": "JBEAP-28905",
"url": "https://issues.redhat.com/browse/JBEAP-28905"
},
{
"category": "external",
"summary": "JBEAP-29217",
"url": "https://issues.redhat.com/browse/JBEAP-29217"
},
{
"category": "external",
"summary": "JBEAP-29440",
"url": "https://issues.redhat.com/browse/JBEAP-29440"
},
{
"category": "external",
"summary": "JBEAP-29815",
"url": "https://issues.redhat.com/browse/JBEAP-29815"
},
{
"category": "external",
"summary": "JBEAP-29862",
"url": "https://issues.redhat.com/browse/JBEAP-29862"
},
{
"category": "external",
"summary": "JBEAP-29866",
"url": "https://issues.redhat.com/browse/JBEAP-29866"
},
{
"category": "external",
"summary": "JBEAP-29914",
"url": "https://issues.redhat.com/browse/JBEAP-29914"
},
{
"category": "external",
"summary": "JBEAP-29969",
"url": "https://issues.redhat.com/browse/JBEAP-29969"
},
{
"category": "external",
"summary": "JBEAP-30031",
"url": "https://issues.redhat.com/browse/JBEAP-30031"
},
{
"category": "external",
"summary": "JBEAP-30059",
"url": "https://issues.redhat.com/browse/JBEAP-30059"
},
{
"category": "external",
"summary": "JBEAP-30264",
"url": "https://issues.redhat.com/browse/JBEAP-30264"
},
{
"category": "external",
"summary": "JBEAP-30359",
"url": "https://issues.redhat.com/browse/JBEAP-30359"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10924.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update",
"tracking": {
"current_release_date": "2026-02-11T12:38:52+00:00",
"generator": {
"date": "2026-02-11T12:38:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2025:10924",
"initial_release_date": "2025-07-14T15:56:17+00:00",
"revision_history": [
{
"date": "2025-07-14T15:56:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-14T15:56:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T12:38:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-9.SP10_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.6-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.26-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.27-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"product_id": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-5.redhat_00004.1.el7eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.15-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.5.10-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.21-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-42.Final_redhat_00042.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-21.redhat_00055.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-3.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.23-3.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-9.SP10_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.26-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.26-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.5.10-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.5.10-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.5.10-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.5.10-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-42.Final_redhat_00042.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-42.Final_redhat_00042.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-42.Final_redhat_00042.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-21.redhat_00055.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.23-3.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.23-3.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.23-3.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.23-3.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.23-3.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"product_id": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-5.redhat_00004.1.el7eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.0.2-5.redhat_00004.1.el7eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"product_id": "eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-debuginfo@1.0.2-5.redhat_00004.1.el7eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-10234",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-10-22T01:46:48.739000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2320848"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-10234"
},
{
"category": "external",
"summary": "RHBZ#2320848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-10234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-10234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10234"
}
],
"release_date": "2024-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)"
},
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"acknowledgments": [
{
"names": [
"Claudia Bartolini",
"Marco Ventura",
"Massimiliano Brolli"
],
"organization": "TIM S.p.A"
}
],
"cve": "CVE-2025-23366",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-01-14T14:56:40.238000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2337619"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups \u201cSuperUser\u201d, \u201cAdmin\u201d, or \u201cMaintainer\u201d.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal:hal-console: Wildfly HAL Console Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has evaluated and the attacker must be authenticated as user that belongs to management groups \u201cSuperUser\u201d, \u201cAdmin\u201d, or \u201cMaintainer\u201d. This issue requires previous privilege to jeopardize an environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23366"
},
{
"category": "external",
"summary": "RHBZ#2337619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23366"
}
],
"release_date": "2025-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal:hal-console: Wildfly HAL Console Cross-Site Scripting"
},
{
"cve": "CVE-2025-35036",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-06-03T20:00:52.377542+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370118"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator. This vulnerability allows unauthorized access to sensitive information or the execution of arbitrary Java code by interpolating user-supplied input in a constraint violation message with an Expression Language.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Hibernate Validator Expression Language Injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important rather than Moderate because it enables Expression Language (EL) injection through user-supplied input embedded in validation messages \u2014 effectively escalating a benign validation failure into a potential Remote Code Execution (RCE) vector. In environments where EL expressions have access to application internals, attackers can craft payloads that access sensitive Java objects, invoke arbitrary methods, or manipulate server-side logic. The fact that this behavior is triggered by the default configuration \u2014 without any explicit developer error \u2014 further amplifies the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-35036"
},
{
"category": "external",
"summary": "RHBZ#2370118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370118"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-35036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-35036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35036"
},
{
"category": "external",
"summary": "https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext",
"url": "https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e",
"url": "https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1",
"url": "https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78",
"url": "https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893",
"url": "https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final",
"url": "https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/pull/1138",
"url": "https://github.com/hibernate/hibernate-validator/pull/1138"
},
{
"category": "external",
"summary": "https://hibernate.atlassian.net/browse/HV-1816",
"url": "https://hibernate.atlassian.net/browse/HV-1816"
},
{
"category": "external",
"summary": "https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1",
"url": "https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1"
},
{
"category": "external",
"summary": "https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language",
"url": "https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language"
},
{
"category": "external",
"summary": "https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/",
"url": "https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-5245",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5245"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4428"
}
],
"release_date": "2025-06-03T19:27:42.900000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
},
{
"category": "workaround",
"details": "Users who are unable to upgrade should manually disable Expression Language interpolation to prevent EL injection. If disabling is not feasible, carefully sanitize and validate any dynamic input before inclusion.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-validator: Hibernate Validator Expression Language Injection"
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
RHSA-2025:10931
Vulnerability from csaf_redhat - Published: 2025-07-14 16:21 - Updated: 2026-02-11 12:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.22, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.23 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* hibernate-validator: Hibernate Validator Expression Language Injection [eap-7.4.z] (CVE-2025-35036)
* org.wildfly.core/wildfly-core-management-subsystem: Wildfly vulnerable to Cross-Site Scripting (XSS) [eap-7.4.z] (CVE-2024-10234)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-7.4.z] (CVE-2025-23184)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-7.4.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-7.4.z] (CVE-2025-2251)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.22, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.23 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* hibernate-validator: Hibernate Validator Expression Language Injection [eap-7.4.z] (CVE-2025-35036)\n\n* org.wildfly.core/wildfly-core-management-subsystem: Wildfly vulnerable to Cross-Site Scripting (XSS) [eap-7.4.z] (CVE-2024-10234)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-7.4.z] (CVE-2025-23184)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-7.4.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-7.4.z] (CVE-2025-2251)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10931",
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2320848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "2370118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370118"
},
{
"category": "external",
"summary": "JBEAP-28676",
"url": "https://issues.redhat.com/browse/JBEAP-28676"
},
{
"category": "external",
"summary": "JBEAP-28905",
"url": "https://issues.redhat.com/browse/JBEAP-28905"
},
{
"category": "external",
"summary": "JBEAP-29440",
"url": "https://issues.redhat.com/browse/JBEAP-29440"
},
{
"category": "external",
"summary": "JBEAP-29815",
"url": "https://issues.redhat.com/browse/JBEAP-29815"
},
{
"category": "external",
"summary": "JBEAP-29862",
"url": "https://issues.redhat.com/browse/JBEAP-29862"
},
{
"category": "external",
"summary": "JBEAP-29866",
"url": "https://issues.redhat.com/browse/JBEAP-29866"
},
{
"category": "external",
"summary": "JBEAP-29914",
"url": "https://issues.redhat.com/browse/JBEAP-29914"
},
{
"category": "external",
"summary": "JBEAP-29969",
"url": "https://issues.redhat.com/browse/JBEAP-29969"
},
{
"category": "external",
"summary": "JBEAP-30031",
"url": "https://issues.redhat.com/browse/JBEAP-30031"
},
{
"category": "external",
"summary": "JBEAP-30059",
"url": "https://issues.redhat.com/browse/JBEAP-30059"
},
{
"category": "external",
"summary": "JBEAP-30264",
"url": "https://issues.redhat.com/browse/JBEAP-30264"
},
{
"category": "external",
"summary": "JBEAP-30359",
"url": "https://issues.redhat.com/browse/JBEAP-30359"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10931.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update",
"tracking": {
"current_release_date": "2026-02-11T12:38:53+00:00",
"generator": {
"date": "2026-02-11T12:38:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2025:10931",
"initial_release_date": "2025-07-14T16:21:20+00:00",
"revision_history": [
{
"date": "2025-07-14T16:21:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-14T16:21:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T12:38:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.4.23",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.4.23",
"product_id": "Red Hat JBoss Enterprise Application Platform 7.4.23",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-10234",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-10-22T01:46:48.739000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2320848"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-10234"
},
{
"category": "external",
"summary": "RHBZ#2320848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-10234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-10234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10234"
}
],
"release_date": "2024-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T16:21:20+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)"
},
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T16:21:20+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T16:21:20+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T16:21:20+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"cve": "CVE-2025-35036",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-06-03T20:00:52.377542+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370118"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator. This vulnerability allows unauthorized access to sensitive information or the execution of arbitrary Java code by interpolating user-supplied input in a constraint violation message with an Expression Language.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Hibernate Validator Expression Language Injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important rather than Moderate because it enables Expression Language (EL) injection through user-supplied input embedded in validation messages \u2014 effectively escalating a benign validation failure into a potential Remote Code Execution (RCE) vector. In environments where EL expressions have access to application internals, attackers can craft payloads that access sensitive Java objects, invoke arbitrary methods, or manipulate server-side logic. The fact that this behavior is triggered by the default configuration \u2014 without any explicit developer error \u2014 further amplifies the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-35036"
},
{
"category": "external",
"summary": "RHBZ#2370118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370118"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-35036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-35036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35036"
},
{
"category": "external",
"summary": "https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext",
"url": "https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e",
"url": "https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1",
"url": "https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78",
"url": "https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893",
"url": "https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final",
"url": "https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/pull/1138",
"url": "https://github.com/hibernate/hibernate-validator/pull/1138"
},
{
"category": "external",
"summary": "https://hibernate.atlassian.net/browse/HV-1816",
"url": "https://hibernate.atlassian.net/browse/HV-1816"
},
{
"category": "external",
"summary": "https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1",
"url": "https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1"
},
{
"category": "external",
"summary": "https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language",
"url": "https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language"
},
{
"category": "external",
"summary": "https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/",
"url": "https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-5245",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5245"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4428"
}
],
"release_date": "2025-06-03T19:27:42.900000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T16:21:20+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
},
{
"category": "workaround",
"details": "Users who are unable to upgrade should manually disable Expression Language interpolation to prevent EL injection. If disabling is not feasible, carefully sanitize and validate any dynamic input before inclusion.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-validator: Hibernate Validator Expression Language Injection"
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T16:21:20+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7.4.23"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
RHSA-2025:10459
Vulnerability from csaf_redhat - Published: 2025-07-07 13:35 - Updated: 2026-02-11 12:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10459",
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7120566",
"url": "https://access.redhat.com/articles/7120566"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "JBEAP-28866",
"url": "https://issues.redhat.com/browse/JBEAP-28866"
},
{
"category": "external",
"summary": "JBEAP-28992",
"url": "https://issues.redhat.com/browse/JBEAP-28992"
},
{
"category": "external",
"summary": "JBEAP-29257",
"url": "https://issues.redhat.com/browse/JBEAP-29257"
},
{
"category": "external",
"summary": "JBEAP-29530",
"url": "https://issues.redhat.com/browse/JBEAP-29530"
},
{
"category": "external",
"summary": "JBEAP-29679",
"url": "https://issues.redhat.com/browse/JBEAP-29679"
},
{
"category": "external",
"summary": "JBEAP-29691",
"url": "https://issues.redhat.com/browse/JBEAP-29691"
},
{
"category": "external",
"summary": "JBEAP-29692",
"url": "https://issues.redhat.com/browse/JBEAP-29692"
},
{
"category": "external",
"summary": "JBEAP-29806",
"url": "https://issues.redhat.com/browse/JBEAP-29806"
},
{
"category": "external",
"summary": "JBEAP-29863",
"url": "https://issues.redhat.com/browse/JBEAP-29863"
},
{
"category": "external",
"summary": "JBEAP-29867",
"url": "https://issues.redhat.com/browse/JBEAP-29867"
},
{
"category": "external",
"summary": "JBEAP-29984",
"url": "https://issues.redhat.com/browse/JBEAP-29984"
},
{
"category": "external",
"summary": "JBEAP-29999",
"url": "https://issues.redhat.com/browse/JBEAP-29999"
},
{
"category": "external",
"summary": "JBEAP-30087",
"url": "https://issues.redhat.com/browse/JBEAP-30087"
},
{
"category": "external",
"summary": "JBEAP-30151",
"url": "https://issues.redhat.com/browse/JBEAP-30151"
},
{
"category": "external",
"summary": "JBEAP-30157",
"url": "https://issues.redhat.com/browse/JBEAP-30157"
},
{
"category": "external",
"summary": "JBEAP-30263",
"url": "https://issues.redhat.com/browse/JBEAP-30263"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10459.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update",
"tracking": {
"current_release_date": "2026-02-11T12:38:48+00:00",
"generator": {
"date": "2026-02-11T12:38:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2025:10459",
"initial_release_date": "2025-07-07T13:35:06+00:00",
"revision_history": [
{
"date": "2025-07-07T13:35:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T13:35:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T12:38:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8.0.8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8.0.8",
"product_id": "Red Hat JBoss Enterprise Application Platform 8.0.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"cve": "CVE-2025-27611",
"cwe": {
"id": "CWE-1007",
"name": "Insufficient Visual Distinction of Homoglyphs Presented to User"
},
"discovery_date": "2025-04-30T20:00:45.852222+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in base-x is Important because it affects the encoding and decoding of addresses in blockchain transactions. The flaw arises from mishandling of leading zero compression, enabling attackers to craft malicious encodings that deceive systems or users into misdirecting funds. As blockchain transactions are final and cannot be reversed, even a single instance of this exploit can result in permanent financial loss, making this a serious security concern beyond a Moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27611"
},
{
"category": "external",
"summary": "RHBZ#2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27611",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27611"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/pull/86",
"url": "https://github.com/cryptocoinjs/base-x/pull/86"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p",
"url": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p"
}
],
"release_date": "2025-04-30T19:36:57.356000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation."
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
RHSA-2025:10452
Vulnerability from csaf_redhat - Published: 2025-07-07 13:32 - Updated: 2026-02-11 12:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10452",
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7120566",
"url": "https://access.redhat.com/articles/7120566"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "JBEAP-28866",
"url": "https://issues.redhat.com/browse/JBEAP-28866"
},
{
"category": "external",
"summary": "JBEAP-28992",
"url": "https://issues.redhat.com/browse/JBEAP-28992"
},
{
"category": "external",
"summary": "JBEAP-29252",
"url": "https://issues.redhat.com/browse/JBEAP-29252"
},
{
"category": "external",
"summary": "JBEAP-29257",
"url": "https://issues.redhat.com/browse/JBEAP-29257"
},
{
"category": "external",
"summary": "JBEAP-29530",
"url": "https://issues.redhat.com/browse/JBEAP-29530"
},
{
"category": "external",
"summary": "JBEAP-29679",
"url": "https://issues.redhat.com/browse/JBEAP-29679"
},
{
"category": "external",
"summary": "JBEAP-29691",
"url": "https://issues.redhat.com/browse/JBEAP-29691"
},
{
"category": "external",
"summary": "JBEAP-29692",
"url": "https://issues.redhat.com/browse/JBEAP-29692"
},
{
"category": "external",
"summary": "JBEAP-29806",
"url": "https://issues.redhat.com/browse/JBEAP-29806"
},
{
"category": "external",
"summary": "JBEAP-29863",
"url": "https://issues.redhat.com/browse/JBEAP-29863"
},
{
"category": "external",
"summary": "JBEAP-29867",
"url": "https://issues.redhat.com/browse/JBEAP-29867"
},
{
"category": "external",
"summary": "JBEAP-29984",
"url": "https://issues.redhat.com/browse/JBEAP-29984"
},
{
"category": "external",
"summary": "JBEAP-29999",
"url": "https://issues.redhat.com/browse/JBEAP-29999"
},
{
"category": "external",
"summary": "JBEAP-30087",
"url": "https://issues.redhat.com/browse/JBEAP-30087"
},
{
"category": "external",
"summary": "JBEAP-30151",
"url": "https://issues.redhat.com/browse/JBEAP-30151"
},
{
"category": "external",
"summary": "JBEAP-30157",
"url": "https://issues.redhat.com/browse/JBEAP-30157"
},
{
"category": "external",
"summary": "JBEAP-30263",
"url": "https://issues.redhat.com/browse/JBEAP-30263"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10452.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update",
"tracking": {
"current_release_date": "2026-02-11T12:38:48+00:00",
"generator": {
"date": "2026-02-11T12:38:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2025:10452",
"initial_release_date": "2025-07-07T13:32:31+00:00",
"revision_history": [
{
"date": "2025-07-07T13:32:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T13:32:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T12:38:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-remoting@5.0.31-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.11-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-elytron-web@4.0.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.36-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.12-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.17-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.8.0-1.GA_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-3.redhat_00017.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.6-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.6-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.24-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"product_id": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava2@2.2.21-3.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"product": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"product_id": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-4.redhat_00010.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-4.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.11.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.8-4.GA_redhat_00006.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-remoting@5.0.31-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron-tool@2.2.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-elytron-web@4.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.12-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-dom@0.8.12-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-storage@0.8.12-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.17-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.17-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.8.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.8.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.6-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.6-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.6-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.6-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.24-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava2@2.2.21-3.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-4.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity-engine-core@2.3.0-4.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-4.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.11.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src"
},
"product_reference": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"cve": "CVE-2025-27611",
"cwe": {
"id": "CWE-1007",
"name": "Insufficient Visual Distinction of Homoglyphs Presented to User"
},
"discovery_date": "2025-04-30T20:00:45.852222+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in base-x is Important because it affects the encoding and decoding of addresses in blockchain transactions. The flaw arises from mishandling of leading zero compression, enabling attackers to craft malicious encodings that deceive systems or users into misdirecting funds. As blockchain transactions are final and cannot be reversed, even a single instance of this exploit can result in permanent financial loss, making this a serious security concern beyond a Moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27611"
},
{
"category": "external",
"summary": "RHBZ#2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27611",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27611"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/pull/86",
"url": "https://github.com/cryptocoinjs/base-x/pull/86"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p",
"url": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p"
}
],
"release_date": "2025-04-30T19:36:57.356000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation."
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
RHSA-2025:10926
Vulnerability from csaf_redhat - Published: 2025-07-14 15:55 - Updated: 2026-02-11 12:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.22, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.23 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* hibernate-validator: Hibernate Validator Expression Language Injection [eap-7.4.z] (CVE-2025-35036)
* org.wildfly.core/wildfly-core-management-subsystem: Wildfly vulnerable to Cross-Site Scripting (XSS) [eap-7.4.z] (CVE-2024-10234)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-7.4.z] (CVE-2025-23184)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-7.4.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-7.4.z] (CVE-2025-2251)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.22, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.23 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* hibernate-validator: Hibernate Validator Expression Language Injection [eap-7.4.z] (CVE-2025-35036)\n\n* org.wildfly.core/wildfly-core-management-subsystem: Wildfly vulnerable to Cross-Site Scripting (XSS) [eap-7.4.z] (CVE-2024-10234)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-7.4.z] (CVE-2025-23184)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-7.4.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-7.4.z] (CVE-2025-2251)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10926",
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2320848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "2370118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370118"
},
{
"category": "external",
"summary": "JBEAP-28676",
"url": "https://issues.redhat.com/browse/JBEAP-28676"
},
{
"category": "external",
"summary": "JBEAP-28905",
"url": "https://issues.redhat.com/browse/JBEAP-28905"
},
{
"category": "external",
"summary": "JBEAP-29219",
"url": "https://issues.redhat.com/browse/JBEAP-29219"
},
{
"category": "external",
"summary": "JBEAP-29440",
"url": "https://issues.redhat.com/browse/JBEAP-29440"
},
{
"category": "external",
"summary": "JBEAP-29815",
"url": "https://issues.redhat.com/browse/JBEAP-29815"
},
{
"category": "external",
"summary": "JBEAP-29862",
"url": "https://issues.redhat.com/browse/JBEAP-29862"
},
{
"category": "external",
"summary": "JBEAP-29866",
"url": "https://issues.redhat.com/browse/JBEAP-29866"
},
{
"category": "external",
"summary": "JBEAP-29914",
"url": "https://issues.redhat.com/browse/JBEAP-29914"
},
{
"category": "external",
"summary": "JBEAP-29969",
"url": "https://issues.redhat.com/browse/JBEAP-29969"
},
{
"category": "external",
"summary": "JBEAP-30031",
"url": "https://issues.redhat.com/browse/JBEAP-30031"
},
{
"category": "external",
"summary": "JBEAP-30059",
"url": "https://issues.redhat.com/browse/JBEAP-30059"
},
{
"category": "external",
"summary": "JBEAP-30264",
"url": "https://issues.redhat.com/browse/JBEAP-30264"
},
{
"category": "external",
"summary": "JBEAP-30359",
"url": "https://issues.redhat.com/browse/JBEAP-30359"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10926.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update",
"tracking": {
"current_release_date": "2026-02-11T12:38:53+00:00",
"generator": {
"date": "2026-02-11T12:38:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2025:10926",
"initial_release_date": "2025-07-14T15:55:57+00:00",
"revision_history": [
{
"date": "2025-07-14T15:55:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-14T15:55:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T12:38:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"product": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"product_id": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-5.redhat_00004.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.6-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.26-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.27-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-9.SP10_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.15-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.5.10-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.21-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-42.Final_redhat_00042.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-21.redhat_00055.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-3.SP2_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.23-3.GA_redhat_00002.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"product": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"product_id": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-5.redhat_00004.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.0.2-5.redhat_00004.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.26-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.26-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.27-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-9.SP10_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.15-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.5.10-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.5.10-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.5.10-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.5.10-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-42.Final_redhat_00042.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-42.Final_redhat_00042.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-42.Final_redhat_00042.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-21.redhat_00055.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.23-3.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.23-3.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.23-3.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.23-3.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.23-3.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.23-3.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src"
},
"product_reference": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64"
},
"product_reference": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-10234",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-10-22T01:46:48.739000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2320848"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-10234"
},
{
"category": "external",
"summary": "RHBZ#2320848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-10234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-10234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10234"
}
],
"release_date": "2024-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:55:57+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)"
},
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:55:57+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:55:57+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:55:57+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"acknowledgments": [
{
"names": [
"Claudia Bartolini",
"Marco Ventura",
"Massimiliano Brolli"
],
"organization": "TIM S.p.A"
}
],
"cve": "CVE-2025-23366",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-01-14T14:56:40.238000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2337619"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups \u201cSuperUser\u201d, \u201cAdmin\u201d, or \u201cMaintainer\u201d.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal:hal-console: Wildfly HAL Console Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has evaluated and the attacker must be authenticated as user that belongs to management groups \u201cSuperUser\u201d, \u201cAdmin\u201d, or \u201cMaintainer\u201d. This issue requires previous privilege to jeopardize an environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23366"
},
{
"category": "external",
"summary": "RHBZ#2337619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23366"
}
],
"release_date": "2025-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:55:57+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal:hal-console: Wildfly HAL Console Cross-Site Scripting"
},
{
"cve": "CVE-2025-35036",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-06-03T20:00:52.377542+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370118"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator. This vulnerability allows unauthorized access to sensitive information or the execution of arbitrary Java code by interpolating user-supplied input in a constraint violation message with an Expression Language.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Hibernate Validator Expression Language Injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important rather than Moderate because it enables Expression Language (EL) injection through user-supplied input embedded in validation messages \u2014 effectively escalating a benign validation failure into a potential Remote Code Execution (RCE) vector. In environments where EL expressions have access to application internals, attackers can craft payloads that access sensitive Java objects, invoke arbitrary methods, or manipulate server-side logic. The fact that this behavior is triggered by the default configuration \u2014 without any explicit developer error \u2014 further amplifies the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-35036"
},
{
"category": "external",
"summary": "RHBZ#2370118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370118"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-35036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-35036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35036"
},
{
"category": "external",
"summary": "https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext",
"url": "https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e",
"url": "https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1",
"url": "https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78",
"url": "https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893",
"url": "https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final",
"url": "https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/pull/1138",
"url": "https://github.com/hibernate/hibernate-validator/pull/1138"
},
{
"category": "external",
"summary": "https://hibernate.atlassian.net/browse/HV-1816",
"url": "https://hibernate.atlassian.net/browse/HV-1816"
},
{
"category": "external",
"summary": "https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1",
"url": "https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1"
},
{
"category": "external",
"summary": "https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language",
"url": "https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language"
},
{
"category": "external",
"summary": "https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/",
"url": "https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-5245",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5245"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4428"
}
],
"release_date": "2025-06-03T19:27:42.900000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:55:57+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
},
{
"category": "workaround",
"details": "Users who are unable to upgrade should manually disable Expression Language interpolation to prevent EL injection. If disabling is not feasible, carefully sanitize and validate any dynamic input before inclusion.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-validator: Hibernate Validator Expression Language Injection"
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:55:57+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
RHSA-2025:10453
Vulnerability from csaf_redhat - Published: 2025-07-07 13:27 - Updated: 2026-02-11 12:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10453",
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7120566",
"url": "https://access.redhat.com/articles/7120566"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "JBEAP-28866",
"url": "https://issues.redhat.com/browse/JBEAP-28866"
},
{
"category": "external",
"summary": "JBEAP-28992",
"url": "https://issues.redhat.com/browse/JBEAP-28992"
},
{
"category": "external",
"summary": "JBEAP-29253",
"url": "https://issues.redhat.com/browse/JBEAP-29253"
},
{
"category": "external",
"summary": "JBEAP-29257",
"url": "https://issues.redhat.com/browse/JBEAP-29257"
},
{
"category": "external",
"summary": "JBEAP-29530",
"url": "https://issues.redhat.com/browse/JBEAP-29530"
},
{
"category": "external",
"summary": "JBEAP-29679",
"url": "https://issues.redhat.com/browse/JBEAP-29679"
},
{
"category": "external",
"summary": "JBEAP-29691",
"url": "https://issues.redhat.com/browse/JBEAP-29691"
},
{
"category": "external",
"summary": "JBEAP-29692",
"url": "https://issues.redhat.com/browse/JBEAP-29692"
},
{
"category": "external",
"summary": "JBEAP-29806",
"url": "https://issues.redhat.com/browse/JBEAP-29806"
},
{
"category": "external",
"summary": "JBEAP-29863",
"url": "https://issues.redhat.com/browse/JBEAP-29863"
},
{
"category": "external",
"summary": "JBEAP-29867",
"url": "https://issues.redhat.com/browse/JBEAP-29867"
},
{
"category": "external",
"summary": "JBEAP-29984",
"url": "https://issues.redhat.com/browse/JBEAP-29984"
},
{
"category": "external",
"summary": "JBEAP-29999",
"url": "https://issues.redhat.com/browse/JBEAP-29999"
},
{
"category": "external",
"summary": "JBEAP-30087",
"url": "https://issues.redhat.com/browse/JBEAP-30087"
},
{
"category": "external",
"summary": "JBEAP-30151",
"url": "https://issues.redhat.com/browse/JBEAP-30151"
},
{
"category": "external",
"summary": "JBEAP-30157",
"url": "https://issues.redhat.com/browse/JBEAP-30157"
},
{
"category": "external",
"summary": "JBEAP-30263",
"url": "https://issues.redhat.com/browse/JBEAP-30263"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10453.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update",
"tracking": {
"current_release_date": "2026-02-11T12:38:48+00:00",
"generator": {
"date": "2026-02-11T12:38:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2025:10453",
"initial_release_date": "2025-07-07T13:27:47+00:00",
"revision_history": [
{
"date": "2025-07-07T13:27:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T13:27:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T12:38:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-remoting@5.0.31-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-elytron-web@4.0.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.11-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.36-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.12-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.17-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.8.0-1.GA_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-3.redhat_00017.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.6-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.6-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.24-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"product_id": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava2@2.2.21-3.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"product": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"product_id": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-4.redhat_00010.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-4.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.11.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.8-4.GA_redhat_00006.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-remoting@5.0.31-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-elytron-web@4.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron-tool@2.2.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.12-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-dom@0.8.12-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-storage@0.8.12-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.17-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.17-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.8.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.8.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.6-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.6-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.6-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.6-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.24-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava2@2.2.21-3.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-4.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity-engine-core@2.3.0-4.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-4.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.11.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src"
},
"product_reference": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"cve": "CVE-2025-27611",
"cwe": {
"id": "CWE-1007",
"name": "Insufficient Visual Distinction of Homoglyphs Presented to User"
},
"discovery_date": "2025-04-30T20:00:45.852222+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in base-x is Important because it affects the encoding and decoding of addresses in blockchain transactions. The flaw arises from mishandling of leading zero compression, enabling attackers to craft malicious encodings that deceive systems or users into misdirecting funds. As blockchain transactions are final and cannot be reversed, even a single instance of this exploit can result in permanent financial loss, making this a serious security concern beyond a Moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27611"
},
{
"category": "external",
"summary": "RHBZ#2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27611",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27611"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/pull/86",
"url": "https://github.com/cryptocoinjs/base-x/pull/86"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p",
"url": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p"
}
],
"release_date": "2025-04-30T19:36:57.356000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation."
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
RHSA-2025:10925
Vulnerability from csaf_redhat - Published: 2025-07-14 15:56 - Updated: 2026-02-11 12:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.22, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.23 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-7.4.z] (CVE-2025-48734)
* hibernate-validator: Hibernate Validator Expression Language Injection [eap-7.4.z] (CVE-2025-35036)
* org.wildfly.core/wildfly-core-management-subsystem: Wildfly vulnerable to Cross-Site Scripting (XSS) [eap-7.4.z] (CVE-2024-10234)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-7.4.z] (CVE-2025-23184)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-7.4.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-7.4.z] (CVE-2025-2251)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.22, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.23 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-7.4.z] (CVE-2025-48734)\n\n* hibernate-validator: Hibernate Validator Expression Language Injection [eap-7.4.z] (CVE-2025-35036)\n\n* org.wildfly.core/wildfly-core-management-subsystem: Wildfly vulnerable to Cross-Site Scripting (XSS) [eap-7.4.z] (CVE-2024-10234)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-7.4.z] (CVE-2025-23184)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-7.4.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-7.4.z] (CVE-2025-2251)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10925",
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2320848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "2370118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370118"
},
{
"category": "external",
"summary": "JBEAP-28676",
"url": "https://issues.redhat.com/browse/JBEAP-28676"
},
{
"category": "external",
"summary": "JBEAP-28905",
"url": "https://issues.redhat.com/browse/JBEAP-28905"
},
{
"category": "external",
"summary": "JBEAP-29218",
"url": "https://issues.redhat.com/browse/JBEAP-29218"
},
{
"category": "external",
"summary": "JBEAP-29440",
"url": "https://issues.redhat.com/browse/JBEAP-29440"
},
{
"category": "external",
"summary": "JBEAP-29815",
"url": "https://issues.redhat.com/browse/JBEAP-29815"
},
{
"category": "external",
"summary": "JBEAP-29862",
"url": "https://issues.redhat.com/browse/JBEAP-29862"
},
{
"category": "external",
"summary": "JBEAP-29866",
"url": "https://issues.redhat.com/browse/JBEAP-29866"
},
{
"category": "external",
"summary": "JBEAP-29914",
"url": "https://issues.redhat.com/browse/JBEAP-29914"
},
{
"category": "external",
"summary": "JBEAP-29969",
"url": "https://issues.redhat.com/browse/JBEAP-29969"
},
{
"category": "external",
"summary": "JBEAP-30031",
"url": "https://issues.redhat.com/browse/JBEAP-30031"
},
{
"category": "external",
"summary": "JBEAP-30059",
"url": "https://issues.redhat.com/browse/JBEAP-30059"
},
{
"category": "external",
"summary": "JBEAP-30264",
"url": "https://issues.redhat.com/browse/JBEAP-30264"
},
{
"category": "external",
"summary": "JBEAP-30359",
"url": "https://issues.redhat.com/browse/JBEAP-30359"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10925.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update",
"tracking": {
"current_release_date": "2026-02-11T12:38:57+00:00",
"generator": {
"date": "2026-02-11T12:38:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2025:10925",
"initial_release_date": "2025-07-14T15:56:17+00:00",
"revision_history": [
{
"date": "2025-07-14T15:56:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-14T15:56:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T12:38:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.6-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.26-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"product": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"product_id": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-5.redhat_00004.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-9.SP10_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.27-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.5.10-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.15-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.21-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-42.Final_redhat_00042.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-21.redhat_00055.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-3.SP2_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.23-3.GA_redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.26-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.26-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-9.SP10_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.5.10-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.5.10-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.5.10-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.5.10-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-42.Final_redhat_00042.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-42.Final_redhat_00042.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-42.Final_redhat_00042.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-21.redhat_00055.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.23-3.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.23-3.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.23-3.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.23-3.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.23-3.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.23-3.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"product": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"product_id": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-5.redhat_00004.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.0.2-5.redhat_00004.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src"
},
"product_reference": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64"
},
"product_reference": "eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-10234",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-10-22T01:46:48.739000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2320848"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-10234"
},
{
"category": "external",
"summary": "RHBZ#2320848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-10234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-10234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10234"
}
],
"release_date": "2024-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)"
},
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"acknowledgments": [
{
"names": [
"Claudia Bartolini",
"Marco Ventura",
"Massimiliano Brolli"
],
"organization": "TIM S.p.A"
}
],
"cve": "CVE-2025-23366",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-01-14T14:56:40.238000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2337619"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups \u201cSuperUser\u201d, \u201cAdmin\u201d, or \u201cMaintainer\u201d.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal:hal-console: Wildfly HAL Console Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has evaluated and the attacker must be authenticated as user that belongs to management groups \u201cSuperUser\u201d, \u201cAdmin\u201d, or \u201cMaintainer\u201d. This issue requires previous privilege to jeopardize an environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23366"
},
{
"category": "external",
"summary": "RHBZ#2337619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23366"
}
],
"release_date": "2025-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal:hal-console: Wildfly HAL Console Cross-Site Scripting"
},
{
"cve": "CVE-2025-35036",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-06-03T20:00:52.377542+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370118"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator. This vulnerability allows unauthorized access to sensitive information or the execution of arbitrary Java code by interpolating user-supplied input in a constraint violation message with an Expression Language.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Hibernate Validator Expression Language Injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important rather than Moderate because it enables Expression Language (EL) injection through user-supplied input embedded in validation messages \u2014 effectively escalating a benign validation failure into a potential Remote Code Execution (RCE) vector. In environments where EL expressions have access to application internals, attackers can craft payloads that access sensitive Java objects, invoke arbitrary methods, or manipulate server-side logic. The fact that this behavior is triggered by the default configuration \u2014 without any explicit developer error \u2014 further amplifies the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-35036"
},
{
"category": "external",
"summary": "RHBZ#2370118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370118"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-35036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-35036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35036"
},
{
"category": "external",
"summary": "https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext",
"url": "https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e",
"url": "https://github.com/hibernate/hibernate-validator/commit/05f795bb7cf18856004f40e5042709e550ed0d6e"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1",
"url": "https://github.com/hibernate/hibernate-validator/commit/254858d9dcc4e7cd775d1b0f47f482218077c5e1"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78",
"url": "https://github.com/hibernate/hibernate-validator/commit/d2db40b9e7d22c7a0b44d7665242dfc7b4d14d78"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893",
"url": "https://github.com/hibernate/hibernate-validator/commit/e076293b0ee1bfa97b6e67d05ad9eee1ad77e893"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final",
"url": "https://github.com/hibernate/hibernate-validator/compare/6.1.7.Final...6.2.0.Final"
},
{
"category": "external",
"summary": "https://github.com/hibernate/hibernate-validator/pull/1138",
"url": "https://github.com/hibernate/hibernate-validator/pull/1138"
},
{
"category": "external",
"summary": "https://hibernate.atlassian.net/browse/HV-1816",
"url": "https://hibernate.atlassian.net/browse/HV-1816"
},
{
"category": "external",
"summary": "https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1",
"url": "https://hibernate.org/validator/documentation/migration-guide/#6-2-0-cr1"
},
{
"category": "external",
"summary": "https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language",
"url": "https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/#expression-language"
},
{
"category": "external",
"summary": "https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/",
"url": "https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-5245",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5245"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4428"
}
],
"release_date": "2025-06-03T19:27:42.900000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
},
{
"category": "workaround",
"details": "Users who are unable to upgrade should manually disable Expression Language interpolation to prevent EL injection. If disabling is not feasible, carefully sanitize and validate any dynamic input before inclusion.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-validator: Hibernate Validator Expression Language Injection"
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-14T15:56:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-21.redhat_00055.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-21.redhat_00055.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.5.10-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.5.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-5.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-9.SP10_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-42.Final_redhat_00042.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-42.Final_redhat_00042.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.23-3.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.26-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.26-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.23-3.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
GHSA-6839-6896-R9MX
Vulnerability from github – Published: 2025-04-07 15:31 – Updated: 2025-07-14 21:31
VLAI?
Details
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.
Severity ?
6.2 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-2251"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-07T14:15:24Z",
"severity": "MODERATE"
},
"details": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"id": "GHSA-6839-6896-r9mx",
"modified": "2025-07-14T21:31:43Z",
"published": "2025-04-07T15:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10924"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10925"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10926"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10931"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…