Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-48913 (GCVE-0-2025-48913)
Vulnerability from cvelistv5 – Published: 2025-08-08 09:21 – Updated: 2025-11-04 21:11
VLAI?
EPSS
Summary
If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.
Users are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue.
Severity ?
No CVSS data available.
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache CXF |
Affected:
4.1.0 , < 4.1.3
(semver)
Affected: 4.0.0 , < 4.0.9 (semver) Affected: 0 , < 3.6.8 (semver) |
Credits
M Bhatt (r34p3r) OWASP GenAI Security Project & Blake Gatto (b1oo) Shrewd Research
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T15:03:45.098Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:11:08.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/07/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache CXF",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "4.1.3",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.9",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.6.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "M Bhatt (r34p3r) OWASP GenAI Security Project \u0026 Blake Gatto (b1oo) Shrewd Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue."
}
],
"value": "If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.\n\nUsers are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-08T09:21:22.208Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache CXF: Untrusted JMS configuration can lead to RCE",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-48913",
"datePublished": "2025-08-08T09:21:22.208Z",
"dateReserved": "2025-05-28T10:04:58.340Z",
"dateUpdated": "2025-11-04T21:11:08.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-48913\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2025-08-08T10:15:25.663\",\"lastModified\":\"2025-11-04T22:16:17.657\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.\\n\\nUsers are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue.\"},{\"lang\":\"es\",\"value\":\"Si se permite a usuarios no confiables configurar JMS para Apache CXF, anteriormente pod\u00edan usar URL RMI o LDAP, lo que podr\u00eda generar capacidades de ejecuci\u00f3n de c\u00f3digo. Esta interfaz ahora est\u00e1 restringida para rechazar dichos protocolos, eliminando esta posibilidad. Se recomienda a los usuarios actualizar a las versiones 3.6.8, 4.0.9 o 4.1.3, que solucionan este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.8\",\"matchCriteriaId\":\"9DBCF1F5-333E-4307-ACC5-928C778200FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndExcluding\":\"4.0.9\",\"matchCriteriaId\":\"326D5496-A8EB-4B4B-B489-CCD4936B6E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.1.0\",\"versionEndExcluding\":\"4.1.3\",\"matchCriteriaId\":\"737DD9AE-43EC-4D4E-89C6-C84A3FF1A260\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/07/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/07/2\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:11:08.194Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-48913\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-08T13:41:54.033012Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-08T13:42:09.955Z\"}}], \"cna\": {\"title\": \"Apache CXF: Untrusted JMS configuration can lead to RCE\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"M Bhatt (r34p3r) OWASP GenAI Security Project \u0026 Blake Gatto (b1oo) Shrewd Research\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"moderate\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache CXF\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.1.0\", \"lessThan\": \"4.1.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"4.0.0\", \"lessThan\": \"4.0.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.6.8\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.\\n\\nUsers are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2025-08-08T09:21:22.208Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-48913\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T21:11:08.194Z\", \"dateReserved\": \"2025-05-28T10:04:58.340Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2025-08-08T09:21:22.208Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2025:17298
Vulnerability from csaf_redhat - Published: 2025-10-02 14:58 - Updated: 2025-11-25 03:02Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.1. See Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)
* netty-codec-http2: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)
* cxf: CXF JMS Code Execution Vulnerability [eap-8.1.z] (CVE-2025-48913)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.1. See Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)\n\n* netty-codec-http2: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)\n\n* cxf: CXF JMS Code Execution Vulnerability [eap-8.1.z] (CVE-2025-48913)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17298",
"url": "https://access.redhat.com/errata/RHSA-2025:17298"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7129481",
"url": "https://access.redhat.com/articles/7129481"
},
{
"category": "external",
"summary": "2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "JBEAP-30701",
"url": "https://issues.redhat.com/browse/JBEAP-30701"
},
{
"category": "external",
"summary": "JBEAP-30732",
"url": "https://issues.redhat.com/browse/JBEAP-30732"
},
{
"category": "external",
"summary": "JBEAP-30759",
"url": "https://issues.redhat.com/browse/JBEAP-30759"
},
{
"category": "external",
"summary": "JBEAP-30761",
"url": "https://issues.redhat.com/browse/JBEAP-30761"
},
{
"category": "external",
"summary": "JBEAP-30763",
"url": "https://issues.redhat.com/browse/JBEAP-30763"
},
{
"category": "external",
"summary": "JBEAP-30887",
"url": "https://issues.redhat.com/browse/JBEAP-30887"
},
{
"category": "external",
"summary": "JBEAP-30889",
"url": "https://issues.redhat.com/browse/JBEAP-30889"
},
{
"category": "external",
"summary": "JBEAP-30891",
"url": "https://issues.redhat.com/browse/JBEAP-30891"
},
{
"category": "external",
"summary": "JBEAP-30916",
"url": "https://issues.redhat.com/browse/JBEAP-30916"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17298.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update",
"tracking": {
"current_release_date": "2025-11-25T03:02:52+00:00",
"generator": {
"date": "2025-11-25T03:02:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:17298",
"initial_release_date": "2025-10-02T14:58:17+00:00",
"revision_history": [
{
"date": "2025-10-02T14:58:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-02T14:58:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-25T03:02:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.1 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.1 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.5-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.9-4.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.3.2-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.4-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.127-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.127-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.0.1-2.GA_redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.0-55.GA_redhat_00016.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.4-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.18.0-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.5-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.9-4.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.3.2-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.0.1-2.GA_redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.127-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.4-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.127-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.0-55.GA_redhat_00016.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.4-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.18.0-1.redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.9-4.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.9-4.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.9-4.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.9-4.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-core@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-profile-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-soap-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-bindings@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-policy@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-common@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-dom@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-policy-stax@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-stax@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-buffer@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-http@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-common@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.0.1-2.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@801.0.1-2.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.0-55.GA_redhat_00016.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.1.0-55.GA_redhat_00016.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.1.0-55.GA_redhat_00016.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.1.0-55.GA_redhat_00016.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.18.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.9-4.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.9-4.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.9-4.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.9-4.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-core@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-profile-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-soap-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.0.1-2.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@801.0.1-2.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-bindings@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-policy@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-common@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-dom@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-policy-stax@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-stax@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-buffer@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-http@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-common@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.0-55.GA_redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.1.0-55.GA_redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.1.0-55.GA_redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.1.0-55.GA_redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.18.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.127-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.127-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.127-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.127-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48913",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-08T10:00:54.007824+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.apache.cxf/cxf, where untrusted users can configure JMS to allow the specification of RMI or LDAP URLs, possibly leading to code execution. This vulnerability allows an attacker to provide malicious protocol URLs during JMS configuration.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw should be considered Important because the impact goes beyond a simple denial of service or configuration misuse. By allowing untrusted users to configure JMS with RMI or LDAP URLs, attackers could achieve remote code execution by loading attacker-controlled classes or objects. Although this requires the precondition that the attacker has access to JMS configuration, in many enterprise deployments this may be exposed through integration layers or misconfigured permissions, making the attack surface broader than a purely local or limited-scope scenario.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48913"
},
{
"category": "external",
"summary": "RHBZ#2387221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83",
"url": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"
}
],
"release_date": "2025-08-08T09:21:22.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:58:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17298"
},
{
"category": "workaround",
"details": "To reduce risk, deployments should restrict the allowed protocols in JMS configuration to trusted and expected values only. In particular, disallow the use of rmi:// and ldap:// URLs, which could be abused for remote class loading and code execution.",
"product_ids": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-08-13T15:01:55.372237+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the \"MadeYouReset\" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with an Important severity. It is simple to exploit because it does not require authentication and could result in a denial of service (DoS). While some DoS flaws are classified as Moderate, \u201cMadeYouReset\u201d is Important because of the limited barriers (no specialized tooling or advanced scripting) to exploitation, which directly impacts service availability. The vulnerability arises from an implementation weakness in HTTP/2 stream reset handling \u2014 malformed client requests can trigger server-side resets without incrementing abuse counters, allowing an attacker to bypass built-in request throttling and overhead limits. Since these resets consume CPU and memory resources and can be generated at scale over a single TCP/TLS connection, a remote attacker could exhaust server capacity quickly, impacting all legitimate clients.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55163"
},
{
"category": "external",
"summary": "RHBZ#2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4",
"url": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/767506",
"url": "https://kb.cert.org/vuls/id/767506"
}
],
"release_date": "2025-08-13T14:17:36.111000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:58:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17298"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability"
},
{
"cve": "CVE-2025-58056",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2025-09-03T21:01:22.935850+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392996"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Netty\u2019s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is considered Moderate rather than Important because successful exploitation depends on a very specific deployment condition: the presence of an intermediary reverse proxy that both mishandles lone LF characters in chunk extensions and forwards them unmodified to Netty. By itself, Netty\u2019s parsing quirk does not introduce risk, and in most real-world environments, reverse proxies normalize or reject malformed chunked requests, preventing smuggling. As a result, the vulnerability has limited reach, requires a niche configuration to be exploitable, and does not universally expose Netty-based servers to request smuggling\u2014hence it is rated moderate in severity rather than important or critical.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform uses secure, encrypted HTTPS connections over TLS 1.2 to reduce the risk of smuggling attacks by preventing the injection of ambiguous or malformed requests between components. The environment employs IPS/IDS and antimalware solutions to detect and block malicious code while ensuring consistent interpretation of HTTP requests across network layers, mitigating request/response inconsistencies. Event logs are collected and analyzed for centralization, correlation, monitoring, alerting, and retention, enabling the detection of malformed or suspicious HTTP traffic. Static code analysis and peer reviews enforce strong input validation and error handling to ensure all user inputs adhere to HTTP protocol specifications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58056"
},
{
"category": "external",
"summary": "RHBZ#2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding",
"url": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"
},
{
"category": "external",
"summary": "https://github.com/JLLeitschuh/unCVEed/issues/1",
"url": "https://github.com/JLLeitschuh/unCVEed/issues/1"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284",
"url": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/issues/15522",
"url": "https://github.com/netty/netty/issues/15522"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/pull/15611",
"url": "https://github.com/netty/netty/pull/15611"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49",
"url": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
}
],
"release_date": "2025-09-03T20:56:50.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:58:17+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17298"
},
{
"category": "workaround",
"details": "To mitigate this issue, enforce strict RFC compliance on all front-end proxies and load balancers so that lone LF characters in chunk extensions are rejected or normalized before being forwarded. Additionally, configure input validation at the application or proxy layer to block malformed chunked requests, ensuring consistent parsing across all components in the request path.",
"product_ids": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-commons-lang-0:3.18.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.9-4.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.9-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.0.1-2.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.0.1-2.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.0-55.GA_redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.0-55.GA_redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions"
}
]
}
RHSA-2025:17299
Vulnerability from csaf_redhat - Published: 2025-10-02 14:54 - Updated: 2025-11-25 03:02Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.1. See Release Notes for information about the most
significant bug fixes and enhancements included in this release.
Security Fix(es):
* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)
* netty-codec-http2: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)
* cxf: CXF JMS Code Execution Vulnerability [eap-8.1.z] (CVE-2025-48913)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.1. See Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)\n\n* netty-codec-http2: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)\n\n* cxf: CXF JMS Code Execution Vulnerability [eap-8.1.z] (CVE-2025-48913)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17299",
"url": "https://access.redhat.com/errata/RHSA-2025:17299"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7129481",
"url": "https://access.redhat.com/articles/7129481"
},
{
"category": "external",
"summary": "2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "JBEAP-30701",
"url": "https://issues.redhat.com/browse/JBEAP-30701"
},
{
"category": "external",
"summary": "JBEAP-30732",
"url": "https://issues.redhat.com/browse/JBEAP-30732"
},
{
"category": "external",
"summary": "JBEAP-30759",
"url": "https://issues.redhat.com/browse/JBEAP-30759"
},
{
"category": "external",
"summary": "JBEAP-30761",
"url": "https://issues.redhat.com/browse/JBEAP-30761"
},
{
"category": "external",
"summary": "JBEAP-30763",
"url": "https://issues.redhat.com/browse/JBEAP-30763"
},
{
"category": "external",
"summary": "JBEAP-30887",
"url": "https://issues.redhat.com/browse/JBEAP-30887"
},
{
"category": "external",
"summary": "JBEAP-30889",
"url": "https://issues.redhat.com/browse/JBEAP-30889"
},
{
"category": "external",
"summary": "JBEAP-30891",
"url": "https://issues.redhat.com/browse/JBEAP-30891"
},
{
"category": "external",
"summary": "JBEAP-30916",
"url": "https://issues.redhat.com/browse/JBEAP-30916"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17299.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update",
"tracking": {
"current_release_date": "2025-11-25T03:02:48+00:00",
"generator": {
"date": "2025-11-25T03:02:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:17299",
"initial_release_date": "2025-10-02T14:54:02+00:00",
"revision_history": [
{
"date": "2025-10-02T14:54:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-02T14:54:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-25T03:02:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8.1.0",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8.1.0",
"product_id": "Red Hat JBoss Enterprise Application Platform 8.1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48913",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-08T10:00:54.007824+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.apache.cxf/cxf, where untrusted users can configure JMS to allow the specification of RMI or LDAP URLs, possibly leading to code execution. This vulnerability allows an attacker to provide malicious protocol URLs during JMS configuration.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw should be considered Important because the impact goes beyond a simple denial of service or configuration misuse. By allowing untrusted users to configure JMS with RMI or LDAP URLs, attackers could achieve remote code execution by loading attacker-controlled classes or objects. Although this requires the precondition that the attacker has access to JMS configuration, in many enterprise deployments this may be exposed through integration layers or misconfigured permissions, making the attack surface broader than a purely local or limited-scope scenario.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48913"
},
{
"category": "external",
"summary": "RHBZ#2387221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83",
"url": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"
}
],
"release_date": "2025-08-08T09:21:22.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:54:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17299"
},
{
"category": "workaround",
"details": "To reduce risk, deployments should restrict the allowed protocols in JMS configuration to trusted and expected values only. In particular, disallow the use of rmi:// and ldap:// URLs, which could be abused for remote class loading and code execution.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-08-13T15:01:55.372237+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the \"MadeYouReset\" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with an Important severity. It is simple to exploit because it does not require authentication and could result in a denial of service (DoS). While some DoS flaws are classified as Moderate, \u201cMadeYouReset\u201d is Important because of the limited barriers (no specialized tooling or advanced scripting) to exploitation, which directly impacts service availability. The vulnerability arises from an implementation weakness in HTTP/2 stream reset handling \u2014 malformed client requests can trigger server-side resets without incrementing abuse counters, allowing an attacker to bypass built-in request throttling and overhead limits. Since these resets consume CPU and memory resources and can be generated at scale over a single TCP/TLS connection, a remote attacker could exhaust server capacity quickly, impacting all legitimate clients.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55163"
},
{
"category": "external",
"summary": "RHBZ#2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4",
"url": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/767506",
"url": "https://kb.cert.org/vuls/id/767506"
}
],
"release_date": "2025-08-13T14:17:36.111000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:54:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17299"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability"
},
{
"cve": "CVE-2025-58056",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2025-09-03T21:01:22.935850+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392996"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Netty\u2019s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is considered Moderate rather than Important because successful exploitation depends on a very specific deployment condition: the presence of an intermediary reverse proxy that both mishandles lone LF characters in chunk extensions and forwards them unmodified to Netty. By itself, Netty\u2019s parsing quirk does not introduce risk, and in most real-world environments, reverse proxies normalize or reject malformed chunked requests, preventing smuggling. As a result, the vulnerability has limited reach, requires a niche configuration to be exploitable, and does not universally expose Netty-based servers to request smuggling\u2014hence it is rated moderate in severity rather than important or critical.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform uses secure, encrypted HTTPS connections over TLS 1.2 to reduce the risk of smuggling attacks by preventing the injection of ambiguous or malformed requests between components. The environment employs IPS/IDS and antimalware solutions to detect and block malicious code while ensuring consistent interpretation of HTTP requests across network layers, mitigating request/response inconsistencies. Event logs are collected and analyzed for centralization, correlation, monitoring, alerting, and retention, enabling the detection of malformed or suspicious HTTP traffic. Static code analysis and peer reviews enforce strong input validation and error handling to ensure all user inputs adhere to HTTP protocol specifications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58056"
},
{
"category": "external",
"summary": "RHBZ#2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding",
"url": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"
},
{
"category": "external",
"summary": "https://github.com/JLLeitschuh/unCVEed/issues/1",
"url": "https://github.com/JLLeitschuh/unCVEed/issues/1"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284",
"url": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/issues/15522",
"url": "https://github.com/netty/netty/issues/15522"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/pull/15611",
"url": "https://github.com/netty/netty/pull/15611"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49",
"url": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
}
],
"release_date": "2025-09-03T20:56:50.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:54:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17299"
},
{
"category": "workaround",
"details": "To mitigate this issue, enforce strict RFC compliance on all front-end proxies and load balancers so that lone LF characters in chunk extensions are rejected or normalized before being forwarded. Additionally, configure input validation at the application or proxy layer to block malformed chunked requests, ensuring consistent parsing across all components in the request path.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions"
}
]
}
RHSA-2025:17317
Vulnerability from csaf_redhat - Published: 2025-10-02 17:38 - Updated: 2025-11-25 03:02Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.9 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability (CVE-2025-55163)
* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.0.z] (CVE-2025-58056)
* cxf: CXF JMS Code Execution Vulnerability (CVE-2025-48913)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability (CVE-2025-55163)\n\n* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.0.z] (CVE-2025-58056)\n\n* cxf: CXF JMS Code Execution Vulnerability (CVE-2025-48913)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17317",
"url": "https://access.redhat.com/errata/RHSA-2025:17317"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7131053",
"url": "https://access.redhat.com/articles/7131053"
},
{
"category": "external",
"summary": "2387221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387221"
},
{
"category": "external",
"summary": "2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "JBEAP-30702",
"url": "https://issues.redhat.com/browse/JBEAP-30702"
},
{
"category": "external",
"summary": "JBEAP-30733",
"url": "https://issues.redhat.com/browse/JBEAP-30733"
},
{
"category": "external",
"summary": "JBEAP-30757",
"url": "https://issues.redhat.com/browse/JBEAP-30757"
},
{
"category": "external",
"summary": "JBEAP-30758",
"url": "https://issues.redhat.com/browse/JBEAP-30758"
},
{
"category": "external",
"summary": "JBEAP-30760",
"url": "https://issues.redhat.com/browse/JBEAP-30760"
},
{
"category": "external",
"summary": "JBEAP-30762",
"url": "https://issues.redhat.com/browse/JBEAP-30762"
},
{
"category": "external",
"summary": "JBEAP-30886",
"url": "https://issues.redhat.com/browse/JBEAP-30886"
},
{
"category": "external",
"summary": "JBEAP-30888",
"url": "https://issues.redhat.com/browse/JBEAP-30888"
},
{
"category": "external",
"summary": "JBEAP-30890",
"url": "https://issues.redhat.com/browse/JBEAP-30890"
},
{
"category": "external",
"summary": "JBEAP-30917",
"url": "https://issues.redhat.com/browse/JBEAP-30917"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17317.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.9 security update",
"tracking": {
"current_release_date": "2025-11-25T03:02:53+00:00",
"generator": {
"date": "2025-11-25T03:02:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:17317",
"initial_release_date": "2025-10-02T17:38:07+00:00",
"revision_history": [
{
"date": "2025-10-02T17:38:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-02T17:38:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-25T03:02:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.5-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.1.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.9.1-3.GA_redhat_00004.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.3.2-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.127-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.127-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.4-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.9-5.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.9-8.GA_redhat_00008.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.4-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.5-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.1.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.9.1-3.GA_redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.3.2-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.127-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.127-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.4-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.9-5.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.9-8.GA_redhat_00008.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.4-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.1.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-boolean@4.1.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-bug986@4.1.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-dv@4.1.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-runtime@4.1.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-ts@4.1.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.9.1-3.GA_redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.9.1-3.GA_redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-core@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-profile-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-soap-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-api@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-impl@4.3.2-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-buffer@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-http@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-common@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.127-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-bindings@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-policy@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-common@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-dom@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-policy-stax@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-stax@3.0.4-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.9-5.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.9-5.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.9-5.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.9-5.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.9-8.GA_redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.9-8.GA_redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.9-8.GA_redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.9-8.GA_redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.9-8.GA_redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.1.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-boolean@4.1.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-bug986@4.1.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-dv@4.1.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-runtime@4.1.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-ts@4.1.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.9.1-3.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.9.1-3.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-core@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-profile-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-soap-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-api@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-impl@4.3.2-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-buffer@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-http@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-common@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.127-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-bindings@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-policy@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-common@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-dom@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-policy-stax@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-stax@3.0.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.9-5.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.9-5.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.9-5.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.9-5.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.9-8.GA_redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.9-8.GA_redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.9-8.GA_redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.9-8.GA_redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.9-8.GA_redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.127-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.127-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.127-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.127-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48913",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-08T10:00:54.007824+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.apache.cxf/cxf, where untrusted users can configure JMS to allow the specification of RMI or LDAP URLs, possibly leading to code execution. This vulnerability allows an attacker to provide malicious protocol URLs during JMS configuration.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw should be considered Important because the impact goes beyond a simple denial of service or configuration misuse. By allowing untrusted users to configure JMS with RMI or LDAP URLs, attackers could achieve remote code execution by loading attacker-controlled classes or objects. Although this requires the precondition that the attacker has access to JMS configuration, in many enterprise deployments this may be exposed through integration layers or misconfigured permissions, making the attack surface broader than a purely local or limited-scope scenario.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48913"
},
{
"category": "external",
"summary": "RHBZ#2387221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83",
"url": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"
}
],
"release_date": "2025-08-08T09:21:22.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T17:38:07+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17317"
},
{
"category": "workaround",
"details": "To reduce risk, deployments should restrict the allowed protocols in JMS configuration to trusted and expected values only. In particular, disallow the use of rmi:// and ldap:// URLs, which could be abused for remote class loading and code execution.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-08-13T15:01:55.372237+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the \"MadeYouReset\" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with an Important severity. It is simple to exploit because it does not require authentication and could result in a denial of service (DoS). While some DoS flaws are classified as Moderate, \u201cMadeYouReset\u201d is Important because of the limited barriers (no specialized tooling or advanced scripting) to exploitation, which directly impacts service availability. The vulnerability arises from an implementation weakness in HTTP/2 stream reset handling \u2014 malformed client requests can trigger server-side resets without incrementing abuse counters, allowing an attacker to bypass built-in request throttling and overhead limits. Since these resets consume CPU and memory resources and can be generated at scale over a single TCP/TLS connection, a remote attacker could exhaust server capacity quickly, impacting all legitimate clients.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55163"
},
{
"category": "external",
"summary": "RHBZ#2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4",
"url": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/767506",
"url": "https://kb.cert.org/vuls/id/767506"
}
],
"release_date": "2025-08-13T14:17:36.111000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T17:38:07+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17317"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability"
},
{
"cve": "CVE-2025-58056",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2025-09-03T21:01:22.935850+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392996"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Netty\u2019s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is considered Moderate rather than Important because successful exploitation depends on a very specific deployment condition: the presence of an intermediary reverse proxy that both mishandles lone LF characters in chunk extensions and forwards them unmodified to Netty. By itself, Netty\u2019s parsing quirk does not introduce risk, and in most real-world environments, reverse proxies normalize or reject malformed chunked requests, preventing smuggling. As a result, the vulnerability has limited reach, requires a niche configuration to be exploitable, and does not universally expose Netty-based servers to request smuggling\u2014hence it is rated moderate in severity rather than important or critical.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform uses secure, encrypted HTTPS connections over TLS 1.2 to reduce the risk of smuggling attacks by preventing the injection of ambiguous or malformed requests between components. The environment employs IPS/IDS and antimalware solutions to detect and block malicious code while ensuring consistent interpretation of HTTP requests across network layers, mitigating request/response inconsistencies. Event logs are collected and analyzed for centralization, correlation, monitoring, alerting, and retention, enabling the detection of malformed or suspicious HTTP traffic. Static code analysis and peer reviews enforce strong input validation and error handling to ensure all user inputs adhere to HTTP protocol specifications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58056"
},
{
"category": "external",
"summary": "RHBZ#2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding",
"url": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"
},
{
"category": "external",
"summary": "https://github.com/JLLeitschuh/unCVEed/issues/1",
"url": "https://github.com/JLLeitschuh/unCVEed/issues/1"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284",
"url": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/issues/15522",
"url": "https://github.com/netty/netty/issues/15522"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/pull/15611",
"url": "https://github.com/netty/netty/pull/15611"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49",
"url": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
}
],
"release_date": "2025-09-03T20:56:50.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T17:38:07+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17317"
},
{
"category": "workaround",
"details": "To mitigate this issue, enforce strict RFC compliance on all front-end proxies and load balancers so that lone LF characters in chunk extensions are rejected or normalized before being forwarded. Additionally, configure input validation at the application or proxy layer to block malformed chunked requests, ensuring consistent parsing across all components in the request path.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el8eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.9-5.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.9-5.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.1.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.1.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.9.1-3.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.9.1-3.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.127-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.127-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.3.2-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.3.2-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.9-8.GA_redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.9-8.GA_redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.4-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.4-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.5-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions"
}
]
}
RHSA-2025:17318
Vulnerability from csaf_redhat - Published: 2025-10-02 17:34 - Updated: 2025-11-25 03:02Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.9 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
(CVE-2025-55163)
* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.0.z] (CVE-2025-58056)
* cxf: CXF JMS Code Execution Vulnerability (CVE-2025-48913)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability\n(CVE-2025-55163)\n\n* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.0.z] (CVE-2025-58056)\n\n* cxf: CXF JMS Code Execution Vulnerability (CVE-2025-48913)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17318",
"url": "https://access.redhat.com/errata/RHSA-2025:17318"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7131053",
"url": "https://access.redhat.com/articles/7131053"
},
{
"category": "external",
"summary": "2387221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387221"
},
{
"category": "external",
"summary": "2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "JBEAP-30702",
"url": "https://issues.redhat.com/browse/JBEAP-30702"
},
{
"category": "external",
"summary": "JBEAP-30733",
"url": "https://issues.redhat.com/browse/JBEAP-30733"
},
{
"category": "external",
"summary": "JBEAP-30757",
"url": "https://issues.redhat.com/browse/JBEAP-30757"
},
{
"category": "external",
"summary": "JBEAP-30758",
"url": "https://issues.redhat.com/browse/JBEAP-30758"
},
{
"category": "external",
"summary": "JBEAP-30760",
"url": "https://issues.redhat.com/browse/JBEAP-30760"
},
{
"category": "external",
"summary": "JBEAP-30762",
"url": "https://issues.redhat.com/browse/JBEAP-30762"
},
{
"category": "external",
"summary": "JBEAP-30886",
"url": "https://issues.redhat.com/browse/JBEAP-30886"
},
{
"category": "external",
"summary": "JBEAP-30888",
"url": "https://issues.redhat.com/browse/JBEAP-30888"
},
{
"category": "external",
"summary": "JBEAP-30890",
"url": "https://issues.redhat.com/browse/JBEAP-30890"
},
{
"category": "external",
"summary": "JBEAP-30917",
"url": "https://issues.redhat.com/browse/JBEAP-30917"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17318.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.9 security update",
"tracking": {
"current_release_date": "2025-11-25T03:02:49+00:00",
"generator": {
"date": "2025-11-25T03:02:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:17318",
"initial_release_date": "2025-10-02T17:34:35+00:00",
"revision_history": [
{
"date": "2025-10-02T17:34:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-02T17:34:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-25T03:02:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8.0.9",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8.0.9",
"product_id": "Red Hat JBoss Enterprise Application Platform 8.0.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48913",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-08T10:00:54.007824+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.apache.cxf/cxf, where untrusted users can configure JMS to allow the specification of RMI or LDAP URLs, possibly leading to code execution. This vulnerability allows an attacker to provide malicious protocol URLs during JMS configuration.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw should be considered Important because the impact goes beyond a simple denial of service or configuration misuse. By allowing untrusted users to configure JMS with RMI or LDAP URLs, attackers could achieve remote code execution by loading attacker-controlled classes or objects. Although this requires the precondition that the attacker has access to JMS configuration, in many enterprise deployments this may be exposed through integration layers or misconfigured permissions, making the attack surface broader than a purely local or limited-scope scenario.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48913"
},
{
"category": "external",
"summary": "RHBZ#2387221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83",
"url": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"
}
],
"release_date": "2025-08-08T09:21:22.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T17:34:35+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17318"
},
{
"category": "workaround",
"details": "To reduce risk, deployments should restrict the allowed protocols in JMS configuration to trusted and expected values only. In particular, disallow the use of rmi:// and ldap:// URLs, which could be abused for remote class loading and code execution.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-08-13T15:01:55.372237+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the \"MadeYouReset\" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with an Important severity. It is simple to exploit because it does not require authentication and could result in a denial of service (DoS). While some DoS flaws are classified as Moderate, \u201cMadeYouReset\u201d is Important because of the limited barriers (no specialized tooling or advanced scripting) to exploitation, which directly impacts service availability. The vulnerability arises from an implementation weakness in HTTP/2 stream reset handling \u2014 malformed client requests can trigger server-side resets without incrementing abuse counters, allowing an attacker to bypass built-in request throttling and overhead limits. Since these resets consume CPU and memory resources and can be generated at scale over a single TCP/TLS connection, a remote attacker could exhaust server capacity quickly, impacting all legitimate clients.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55163"
},
{
"category": "external",
"summary": "RHBZ#2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4",
"url": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/767506",
"url": "https://kb.cert.org/vuls/id/767506"
}
],
"release_date": "2025-08-13T14:17:36.111000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T17:34:35+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17318"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability"
},
{
"cve": "CVE-2025-58056",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2025-09-03T21:01:22.935850+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392996"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Netty\u2019s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is considered Moderate rather than Important because successful exploitation depends on a very specific deployment condition: the presence of an intermediary reverse proxy that both mishandles lone LF characters in chunk extensions and forwards them unmodified to Netty. By itself, Netty\u2019s parsing quirk does not introduce risk, and in most real-world environments, reverse proxies normalize or reject malformed chunked requests, preventing smuggling. As a result, the vulnerability has limited reach, requires a niche configuration to be exploitable, and does not universally expose Netty-based servers to request smuggling\u2014hence it is rated moderate in severity rather than important or critical.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform uses secure, encrypted HTTPS connections over TLS 1.2 to reduce the risk of smuggling attacks by preventing the injection of ambiguous or malformed requests between components. The environment employs IPS/IDS and antimalware solutions to detect and block malicious code while ensuring consistent interpretation of HTTP requests across network layers, mitigating request/response inconsistencies. Event logs are collected and analyzed for centralization, correlation, monitoring, alerting, and retention, enabling the detection of malformed or suspicious HTTP traffic. Static code analysis and peer reviews enforce strong input validation and error handling to ensure all user inputs adhere to HTTP protocol specifications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58056"
},
{
"category": "external",
"summary": "RHBZ#2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding",
"url": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"
},
{
"category": "external",
"summary": "https://github.com/JLLeitschuh/unCVEed/issues/1",
"url": "https://github.com/JLLeitschuh/unCVEed/issues/1"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284",
"url": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/issues/15522",
"url": "https://github.com/netty/netty/issues/15522"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/pull/15611",
"url": "https://github.com/netty/netty/pull/15611"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49",
"url": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
}
],
"release_date": "2025-09-03T20:56:50.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T17:34:35+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17318"
},
{
"category": "workaround",
"details": "To mitigate this issue, enforce strict RFC compliance on all front-end proxies and load balancers so that lone LF characters in chunk extensions are rejected or normalized before being forwarded. Additionally, configure input validation at the application or proxy layer to block malformed chunked requests, ensuring consistent parsing across all components in the request path.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.9"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions"
}
]
}
GHSA-G4PX-6QHM-HQJM
Vulnerability from github – Published: 2025-08-08 12:32 – Updated: 2025-11-05 20:34
VLAI?
Summary
Apache CXF: Untrusted JMS configuration can lead to RCE
Details
If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.
Users are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue.
Severity ?
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.cxf:cxf-rt-transports-jms"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.cxf:cxf-rt-transports-jms"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.0.9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.cxf:cxf-rt-transports-jms"
},
"ranges": [
{
"events": [
{
"introduced": "4.1.0"
},
{
"fixed": "4.1.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-48913"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": true,
"github_reviewed_at": "2025-08-08T16:44:10Z",
"nvd_published_at": "2025-08-08T10:15:25Z",
"severity": "MODERATE"
},
"details": "If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.\n\nUsers are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue.",
"id": "GHSA-g4px-6qhm-hqjm",
"modified": "2025-11-05T20:34:29Z",
"published": "2025-08-08T12:32:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913"
},
{
"type": "WEB",
"url": "https://github.com/apache/cxf/commit/24e50ffeca3132570c2f297c5c7dbd05a1bb1bfa"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/cxf"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/08/07/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "Apache CXF: Untrusted JMS configuration can lead to RCE"
}
NCSC-2025-0323
Vulnerability from csaf_ncscnl - Published: 2025-10-17 08:04 - Updated: 2025-10-17 08:04Summary
Kwetsbaarheden verholpen in SAP Producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
SAP heeft kwetsbaarheden verholpen in diverse SAP producten.
Interpretaties
De kwetsbaarheden omvatten een deserialisatie kwetsbaarheid die ongeauthenticeerde aanvallers in staat stelt om willekeurige OS-commando's uit te voeren, en een CSRF-kwetsbaarheid die geauthenticeerde aanvallers in staat stelt om kritieke autorisatiecontroles te omzeilen. Daarnaast zijn er kwetsbaarheden die leiden tot ongeautoriseerde toegang tot gevoelige ABAP-code en de mogelijkheid om verwerkingsregels te verwijderen zonder de juiste autorisatie. Deze kwetsbaarheden kunnen leiden tot ernstige gevolgen voor de integriteit en vertrouwelijkheid van de applicatie.
Oplossingen
SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
medium
CWE-20
Improper Input Validation
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-35
Path Traversal: '.../...//'
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-204
Observable Response Discrepancy
CWE-352
Cross-Site Request Forgery (CSRF)
CWE-400
Uncontrolled Resource Consumption
CWE-434
Unrestricted Upload of File with Dangerous Type
CWE-476
NULL Pointer Dereference
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CWE-502
Deserialization of Untrusted Data
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-863
Incorrect Authorization
CWE-1004
Sensitive Cookie Without 'HttpOnly' Flag
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "SAP heeft kwetsbaarheden verholpen in diverse SAP producten.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden omvatten een deserialisatie kwetsbaarheid die ongeauthenticeerde aanvallers in staat stelt om willekeurige OS-commando\u0027s uit te voeren, en een CSRF-kwetsbaarheid die geauthenticeerde aanvallers in staat stelt om kritieke autorisatiecontroles te omzeilen. Daarnaast zijn er kwetsbaarheden die leiden tot ongeautoriseerde toegang tot gevoelige ABAP-code en de mogelijkheid om verwerkingsregels te verwijderen zonder de juiste autorisatie. Deze kwetsbaarheden kunnen leiden tot ernstige gevolgen voor de integriteit en vertrouwelijkheid van de applicatie.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "medium",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Path Traversal: \u0027.../...//\u0027",
"title": "CWE-35"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Observable Response Discrepancy",
"title": "CWE-204"
},
{
"category": "general",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Unrestricted Upload of File with Dangerous Type",
"title": "CWE-434"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"title": "CWE-497"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag",
"title": "CWE-1004"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"title": "Kwetsbaarheden verholpen in SAP Producten",
"tracking": {
"current_release_date": "2025-10-17T08:04:54.828451Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0323",
"initial_release_date": "2025-10-17T08:04:54.828451Z",
"revision_history": [
{
"date": "2025-10-17T08:04:54.828451Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Application Server for ABAP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Cloud Appliance Library Appliances"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Commerce Cloud"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Financial Service Claims Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "NetWeaver Application Server for ABAP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Netweaver"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Netweaver AS ABAP and ABAP Platform"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "Print Service"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "S4HANA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "SAP Commerce Cloud"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "Supplier Relationship Management"
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-42944",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "description",
"text": "A deserialization vulnerability in SAP NetWeaver\u0027s RMI-P4 module allows unauthenticated attackers to execute arbitrary OS commands, posing significant security risks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42944 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42944.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42944"
},
{
"cve": "CVE-2025-42937",
"cwe": {
"id": "CWE-35",
"name": "Path Traversal: \u0027.../...//\u0027"
},
"notes": [
{
"category": "other",
"text": "Path Traversal: \u0027.../...//\u0027",
"title": "CWE-35"
},
{
"category": "description",
"text": "SAP Print Service (SAPSprint) contains a directory traversal vulnerability that allows unauthenticated attackers to manipulate path information, potentially compromising system files and affecting the application\u0027s confidentiality, integrity, and availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42937 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42937.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42937"
},
{
"cve": "CVE-2025-42910",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "other",
"text": "Unrestricted Upload of File with Dangerous Type",
"title": "CWE-434"
},
{
"category": "description",
"text": "SAP Supplier Relationship Management has an unrestricted file upload vulnerability that allows authenticated attackers to upload arbitrary files, potentially leading to malware execution and compromising the application\u0027s confidentiality, integrity, and availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42910 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42910.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42910"
},
{
"cve": "CVE-2025-5115",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "The \u0027MadeYouReset\u0027 vulnerability in HTTP/2 affects certain versions of Eclipse Jetty, allowing attackers to exploit malformed control frames for resource exhaustion and denial of service, alongside a related DoS vulnerability in SAP Commerce Cloud.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5115 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-5115"
},
{
"cve": "CVE-2025-48913",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Recent vulnerabilities in Apache CXF allow untrusted users to configure JMS with RMI or LDAP URLs, leading to potential code execution, with specific versions recommended for upgrade to address these issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48913 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48913.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-48913"
},
{
"cve": "CVE-2025-0059",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"title": "CWE-497"
},
{
"category": "description",
"text": "SAP NetWeaver Application Server ABAP applications using SAP GUI for HTML have a vulnerability that allows attackers with administrative privileges to access sensitive user data stored in local browser storage.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-0059 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-0059.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-0059"
},
{
"cve": "CVE-2025-42901",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "description",
"text": "The SAP Application Server for ABAP has vulnerabilities allowing authenticated attackers to execute malicious JavaScript payloads and perform code injection via the BAPI explorer and BAPI Browser, respectively.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42901 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42901.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42901"
},
{
"cve": "CVE-2025-42908",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "other",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "description",
"text": "A CSRF vulnerability in SAP NetWeaver Application Server for ABAP enables authenticated attackers to bypass authorization checks, leading to unauthorized transactions that compromise system integrity and confidentiality.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42908 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42908.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42908"
},
{
"cve": "CVE-2025-42906",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "description",
"text": "SAP Commerce Cloud contains a directory traversal vulnerability that allows unauthorized access to the Administration Console from unintended addresses, posing a low risk to confidentiality.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42906 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42906.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42906"
},
{
"cve": "CVE-2025-42902",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A memory corruption vulnerability in SAP NetWeaver AS ABAP and ABAP Platform allows unauthenticated attackers to crash the application server via corrupted SAP Logon or Assertion Tickets, impacting availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42902 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42902.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42902"
},
{
"cve": "CVE-2025-42939",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "description",
"text": "SAP S/4HANA (Manage Processing Rules - For Bank Statements) has a vulnerability allowing authenticated attackers to delete shared rule conditions due to a missing authorization check, compromising application integrity.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42939 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42939.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42939"
},
{
"cve": "CVE-2025-31331",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "description",
"text": "SAP NetWeaver has a vulnerability that enables attackers to bypass authorization checks, allowing unauthorized access to sensitive ABAP code and compromising confidentiality.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31331 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31331.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-31331"
},
{
"cve": "CVE-2025-42903",
"cwe": {
"id": "CWE-204",
"name": "Observable Response Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Response Discrepancy",
"title": "CWE-204"
},
{
"category": "description",
"text": "A vulnerability in SAP Financial Service Claims Management\u0027s RFC function ICL_USER_GET_NAME_AND_ADDRESS allows for user enumeration and potential personal data exposure, presenting a low confidentiality risk.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42903 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42903.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42903"
},
{
"cve": "CVE-2025-31672",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Recent vulnerabilities in Apache POI, Oracle Business Process Management Suite, and SAP BusinessObjects expose systems to risks including improper input validation, unauthenticated access, and deserialization issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31672 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-31672"
},
{
"cve": "CVE-2025-42909",
"cwe": {
"id": "CWE-1004",
"name": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag"
},
"notes": [
{
"category": "other",
"text": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag",
"title": "CWE-1004"
},
{
"category": "description",
"text": "SAP Cloud Appliance Library Appliances have a security misconfiguration vulnerability that allows high-privilege attackers to exploit insecure default profile settings to access other appliances, posing a low risk to confidentiality.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42909 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42909.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.0,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-42909"
}
]
}
CERTFR-2025-AVI-0867
Vulnerability from certfr_avis - Published: 2025-10-14 - Updated: 2025-10-14
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | SAP NetWeaver AS Java | NetWeaver AS Java version SERVERCORE 7.50 sans le dernier correctif de sécurité | ||
| SAP | Financial Service Claims Management | Financial Service Claims Management versions INSURANCE 803, 804, 805, 806, S4CEXT 107, 108 et 109 sans le dernier correctif de sécurité | ||
| SAP | Print Service | Print Service versions SAPSPRINT 8.00 et 8.10 sans le dernier correctif de sécurité | ||
| SAP | Data Hub Integration Suite | Data Hub Integration Suite version CX_DATAHUB_INT_PACK 2205 sans le dernier correctif de sécurité | ||
| SAP | BusinessObjects | BusinessObjects versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server pour ABAP | Application Server pour ABAP versions KRNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93 et 9.16 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver | NetWeaver versions SAP_ABA 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de sécurité | ||
| SAP | S/4HANA | S/4HANA versions S4CORE 104, 105, 106, 107, 108 et 109 sans le dernier correctif de sécurité | ||
| SAP | Cloud Appliance Library Appliances | Cloud Appliance Library Appliances version TITANIUM_WEBAPP 4.0 sans le dernier correctif de sécurité | ||
| SAP | Commerce Cloud | Commerce Cloud versions HY_COM 2205, COM_CLOUD 2211 et 2211-JDK21 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server pour ABAP | Application Server pour ABAP versions SAP_BASIS 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758 et 816 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server ABAP et ABAP Platform | NetWeaver Application Server ABAP and ABAP Platform versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.14, 9.15 et 9.16 sans le dernier correctif de sécurité | ||
| SAP | Supplier Relationship Management | Supplier Relationship Management versions SRMNXP01 100 et 150 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server ABAP | NetWeaver Application Server ABAP versions RNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93, 9.12 et 9.14 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NetWeaver AS Java version SERVERCORE 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP NetWeaver AS Java",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Financial Service Claims Management versions INSURANCE 803, 804, 805, 806, S4CEXT 107, 108 et 109 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Financial Service Claims Management",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Print Service versions SAPSPRINT 8.00 et 8.10 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Print Service",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Data Hub Integration Suite version CX_DATAHUB_INT_PACK 2205 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Data Hub Integration Suite",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "BusinessObjects",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Application Server pour ABAP versions KRNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93 et 9.16 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver versions SAP_ABA 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4HANA versions S4CORE 104, 105, 106, 107, 108 et 109 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Cloud Appliance Library Appliances version TITANIUM_WEBAPP 4.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Cloud Appliance Library Appliances",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Cloud versions HY_COM 2205, COM_CLOUD 2211 et 2211-JDK21 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Commerce Cloud",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Application Server pour ABAP versions SAP_BASIS 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758 et 816 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Application Server ABAP and ABAP Platform versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.14, 9.15 et 9.16 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server ABAP et ABAP Platform",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Supplier Relationship Management versions SRMNXP01 100 et 150 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Supplier Relationship Management",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Application Server ABAP versions RNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93, 9.12 et 9.14 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-42944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42944"
},
{
"name": "CVE-2025-42906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42906"
},
{
"name": "CVE-2025-42902",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42902"
},
{
"name": "CVE-2025-42903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42903"
},
{
"name": "CVE-2025-42910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42910"
},
{
"name": "CVE-2025-42909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42909"
},
{
"name": "CVE-2025-5115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
},
{
"name": "CVE-2025-42984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42984"
},
{
"name": "CVE-2025-42908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42908"
},
{
"name": "CVE-2025-42937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42937"
},
{
"name": "CVE-2025-0059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0059"
},
{
"name": "CVE-2025-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
},
{
"name": "CVE-2025-42939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42939"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-31331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31331"
},
{
"name": "CVE-2025-42901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42901"
}
],
"initial_release_date": "2025-10-14T00:00:00",
"last_revision_date": "2025-10-14T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0867",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 SAP october-2025",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html"
}
]
}
CERTFR-2025-AVI-0867
Vulnerability from certfr_avis - Published: 2025-10-14 - Updated: 2025-10-14
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | SAP NetWeaver AS Java | NetWeaver AS Java version SERVERCORE 7.50 sans le dernier correctif de sécurité | ||
| SAP | Financial Service Claims Management | Financial Service Claims Management versions INSURANCE 803, 804, 805, 806, S4CEXT 107, 108 et 109 sans le dernier correctif de sécurité | ||
| SAP | Print Service | Print Service versions SAPSPRINT 8.00 et 8.10 sans le dernier correctif de sécurité | ||
| SAP | Data Hub Integration Suite | Data Hub Integration Suite version CX_DATAHUB_INT_PACK 2205 sans le dernier correctif de sécurité | ||
| SAP | BusinessObjects | BusinessObjects versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server pour ABAP | Application Server pour ABAP versions KRNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93 et 9.16 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver | NetWeaver versions SAP_ABA 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de sécurité | ||
| SAP | S/4HANA | S/4HANA versions S4CORE 104, 105, 106, 107, 108 et 109 sans le dernier correctif de sécurité | ||
| SAP | Cloud Appliance Library Appliances | Cloud Appliance Library Appliances version TITANIUM_WEBAPP 4.0 sans le dernier correctif de sécurité | ||
| SAP | Commerce Cloud | Commerce Cloud versions HY_COM 2205, COM_CLOUD 2211 et 2211-JDK21 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server pour ABAP | Application Server pour ABAP versions SAP_BASIS 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758 et 816 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server ABAP et ABAP Platform | NetWeaver Application Server ABAP and ABAP Platform versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.14, 9.15 et 9.16 sans le dernier correctif de sécurité | ||
| SAP | Supplier Relationship Management | Supplier Relationship Management versions SRMNXP01 100 et 150 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server ABAP | NetWeaver Application Server ABAP versions RNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93, 9.12 et 9.14 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NetWeaver AS Java version SERVERCORE 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP NetWeaver AS Java",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Financial Service Claims Management versions INSURANCE 803, 804, 805, 806, S4CEXT 107, 108 et 109 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Financial Service Claims Management",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Print Service versions SAPSPRINT 8.00 et 8.10 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Print Service",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Data Hub Integration Suite version CX_DATAHUB_INT_PACK 2205 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Data Hub Integration Suite",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "BusinessObjects",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Application Server pour ABAP versions KRNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93 et 9.16 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver versions SAP_ABA 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4HANA versions S4CORE 104, 105, 106, 107, 108 et 109 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Cloud Appliance Library Appliances version TITANIUM_WEBAPP 4.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Cloud Appliance Library Appliances",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Cloud versions HY_COM 2205, COM_CLOUD 2211 et 2211-JDK21 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Commerce Cloud",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Application Server pour ABAP versions SAP_BASIS 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758 et 816 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Application Server ABAP and ABAP Platform versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.14, 9.15 et 9.16 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server ABAP et ABAP Platform",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Supplier Relationship Management versions SRMNXP01 100 et 150 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Supplier Relationship Management",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Application Server ABAP versions RNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93, 9.12 et 9.14 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-42944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42944"
},
{
"name": "CVE-2025-42906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42906"
},
{
"name": "CVE-2025-42902",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42902"
},
{
"name": "CVE-2025-42903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42903"
},
{
"name": "CVE-2025-42910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42910"
},
{
"name": "CVE-2025-42909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42909"
},
{
"name": "CVE-2025-5115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
},
{
"name": "CVE-2025-42984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42984"
},
{
"name": "CVE-2025-42908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42908"
},
{
"name": "CVE-2025-42937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42937"
},
{
"name": "CVE-2025-0059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0059"
},
{
"name": "CVE-2025-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
},
{
"name": "CVE-2025-42939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42939"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-31331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31331"
},
{
"name": "CVE-2025-42901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-42901"
}
],
"initial_release_date": "2025-10-14T00:00:00",
"last_revision_date": "2025-10-14T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0867",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 SAP october-2025",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html"
}
]
}
FKIE_CVE-2025-48913
Vulnerability from fkie_nvd - Published: 2025-08-08 10:15 - Updated: 2025-11-04 22:16
Severity ?
Summary
If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.
Users are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DBCF1F5-333E-4307-ACC5-928C778200FE",
"versionEndExcluding": "3.6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326D5496-A8EB-4B4B-B489-CCD4936B6E3A",
"versionEndExcluding": "4.0.9",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "737DD9AE-43EC-4D4E-89C6-C84A3FF1A260",
"versionEndExcluding": "4.1.3",
"versionStartIncluding": "4.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.\n\nUsers are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue."
},
{
"lang": "es",
"value": "Si se permite a usuarios no confiables configurar JMS para Apache CXF, anteriormente pod\u00edan usar URL RMI o LDAP, lo que podr\u00eda generar capacidades de ejecuci\u00f3n de c\u00f3digo. Esta interfaz ahora est\u00e1 restringida para rechazar dichos protocolos, eliminando esta posibilidad. Se recomienda a los usuarios actualizar a las versiones 3.6.8, 4.0.9 o 4.1.3, que solucionan este problema."
}
],
"id": "CVE-2025-48913",
"lastModified": "2025-11-04T22:16:17.657",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-08-08T10:15:25.663",
"references": [
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2025/08/07/2"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security@apache.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…