Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-52428 (GCVE-0-2023-52428)
Vulnerability from cvelistv5
Published
2024-02-11 00:00
Modified
2024-10-30 19:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T19:49:39.428104Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T19:50:55.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
},
{
"tags": [
"x_transferred"
],
"url": "https://connect2id.com/products/nimbus-jose-jwt"
},
{
"tags": [
"x_transferred"
],
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-11T04:43:14.335876",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
},
{
"url": "https://connect2id.com/products/nimbus-jose-jwt"
},
{
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-52428",
"datePublished": "2024-02-11T00:00:00",
"dateReserved": "2024-02-11T00:00:00",
"dateUpdated": "2024-10-30T19:50:55.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-52428\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-02-11T05:15:08.383\",\"lastModified\":\"2024-11-21T08:39:43.963\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.\"},{\"lang\":\"es\",\"value\":\"En Connect2id Nimbus JOSE+JWT anterior a 9.37.2, un atacante puede provocar una denegaci\u00f3n de servicio (consumo de recursos) a trav\u00e9s de un valor de encabezado JWE p2c grande (tambi\u00e9n conocido como recuento de iteraciones) para el componente PasswordBasedDecrypter (PBKDF2).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:connect2id:nimbus_jose\\\\+jwt:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.37.2\",\"matchCriteriaId\":\"B33B5D00-0BBE-409A-B453-E9124F17CF99\"}]}]}],\"references\":[{\"url\":\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://connect2id.com/products/nimbus-jose-jwt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://connect2id.com/products/nimbus-jose-jwt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://connect2id.com/products/nimbus-jose-jwt\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T22:55:41.674Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52428\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-30T19:49:39.428104Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770 Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:11.753Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/\"}, {\"url\": \"https://connect2id.com/products/nimbus-jose-jwt\"}, {\"url\": \"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-02-11T04:43:14.335876\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-52428\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-30T19:50:55.784Z\", \"dateReserved\": \"2024-02-11T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-02-11T00:00:00\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
WID-SEC-W-2024-3508
Vulnerability from csaf_certbund
Published
2024-11-19 23:00
Modified
2024-11-19 23:00
Summary
Atlassian Confluence: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Confluence ist eine kommerzielle Wiki-Software.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um einen Denial of Service Angriff durchzuführen, vertrauliche Informationen preiszugeben und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Confluence ist eine kommerzielle Wiki-Software.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, vertrauliche Informationen preiszugeben und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3508 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3508.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3508 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3508"
},
{
"category": "external",
"summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Confluence: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-19T23:00:00.000+00:00",
"generator": {
"date": "2024-11-20T10:42:48.003+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3508",
"initial_release_date": "2024-11-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.1",
"product": {
"name": "Atlassian Confluence \u003c9.1.1",
"product_id": "T039313"
}
},
{
"category": "product_version",
"name": "9.1.1",
"product": {
"name": "Atlassian Confluence 9.1.1",
"product_id": "T039313-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.9.8",
"product": {
"name": "Atlassian Confluence \u003c8.9.8",
"product_id": "T039314"
}
},
{
"category": "product_version",
"name": "8.9.8",
"product": {
"name": "Atlassian Confluence 8.9.8",
"product_id": "T039314-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.9.8"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c8.5.17",
"product": {
"name": "Atlassian Confluence LTS \u003c8.5.17",
"product_id": "T039315"
}
},
{
"category": "product_version",
"name": "LTS 8.5.17",
"product": {
"name": "Atlassian Confluence LTS 8.5.17",
"product_id": "T039315-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:lts__8.5.17"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c7.19.29",
"product": {
"name": "Atlassian Confluence LTS \u003c7.19.29",
"product_id": "T039316"
}
},
{
"category": "product_version",
"name": "LTS 7.19.29",
"product": {
"name": "Atlassian Confluence LTS 7.19.29",
"product_id": "T039316-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:lts__7.19.29"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-38900",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2022-38900"
},
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-24549",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-30172",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-4068",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2023-46234",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Atlassian Confluence. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Handhabung der kryptographischen Signatur\u00fcberpr\u00fcfung. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um die Authentifizierung und Sitzungsverwaltung zu umgehen."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2023-46234"
},
{
"cve": "CVE-2024-38816",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Atlassian Confluence. Dieser Fehler betrifft spring-webmvc aufgrund eines Path Traversal Problems bei der Verwendung bestimmter Konfigurationen (RouterFunctions mit FileSystemResource). Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-38816"
}
]
}
wid-sec-w-2024-3663
Vulnerability from csaf_certbund
Published
2024-12-10 23:00
Modified
2024-12-10 23:00
Summary
Atlassian Bamboo: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.
Angriff
Ein entfernter Angreifer kann mehrere Schwachstellen in Atlassian Bamboo ausnutzen, um Dateien zu manipulieren oder einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Atlassian Bamboo ausnutzen, um Dateien zu manipulieren oder einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3663 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3663.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3663 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3663"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin December 2024 vom 2024-12-10",
"url": "https://confluence.atlassian.com/security/security-bulletin-december-10-2024-1476624803.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-10T23:00:00.000+00:00",
"generator": {
"date": "2024-12-11T11:41:59.418+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-3663",
"initial_release_date": "2024-12-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-12-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c9.6.8",
"product": {
"name": "Atlassian Bamboo Data Center \u003c9.6.8",
"product_id": "T039700"
}
},
{
"category": "product_version",
"name": "Data Center 9.6.8",
"product": {
"name": "Atlassian Bamboo Data Center 9.6.8",
"product_id": "T039700-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__9.6.8"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.2.21",
"product": {
"name": "Atlassian Bamboo Data Center \u003c9.2.21",
"product_id": "T039701"
}
},
{
"category": "product_version",
"name": "Data Center 9.2.21",
"product": {
"name": "Atlassian Bamboo Data Center 9.2.21",
"product_id": "T039701-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__9.2.21"
}
}
},
{
"category": "product_version_range",
"name": "Server \u003c9.2.21",
"product": {
"name": "Atlassian Bamboo Server \u003c9.2.21",
"product_id": "T039702"
}
},
{
"category": "product_version",
"name": "Server 9.2.21",
"product": {
"name": "Atlassian Bamboo Server 9.2.21",
"product_id": "T039702-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:server__9.2.21"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
}
],
"category": "vendor",
"name": "Atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-31159",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Atlassian Bamboo. Dieser Fehler existiert wegen einer Amazon AWS Java-SDK-Abh\u00e4ngigkeit, die es erlaubt, Verzeichnisse auf dem System zu durchlaufen. Durch das Senden einer speziell gestalteten URL-Anfrage, die \"Punkt-Punkt\"-Sequenzen (/../) enth\u00e4lt, kann ein entfernter, authentifizierter Angreifer diese Schwachstelle ausnutzen, um beliebige Dateien auf dem System zu ver\u00e4ndern. Zur erfolgreichen Ausnutzung ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T039700",
"T039702",
"T039701"
]
},
"release_date": "2024-12-10T23:00:00.000+00:00",
"title": "CVE-2022-31159"
},
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Bamboo. Diese Fehler existieren wegen verschiedener Abh\u00e4ngigkeiten von Drittanbietern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T039700",
"T039702",
"T039701"
]
},
"release_date": "2024-12-10T23:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-24549",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Bamboo. Diese Fehler existieren wegen verschiedener Abh\u00e4ngigkeiten von Drittanbietern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T039700",
"T039702",
"T039701"
]
},
"release_date": "2024-12-10T23:00:00.000+00:00",
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-30172",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Bamboo. Diese Fehler existieren wegen verschiedener Abh\u00e4ngigkeiten von Drittanbietern. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T039700",
"T039702",
"T039701"
]
},
"release_date": "2024-12-10T23:00:00.000+00:00",
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-25710",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Atlassian Bamboo. Dieser Fehler existiert wegen einer Apache Commons Compress-Abh\u00e4ngigkeit, die zu einer Endlosschleife f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T039700",
"T039702",
"T039701"
]
},
"release_date": "2024-12-10T23:00:00.000+00:00",
"title": "CVE-2024-25710"
}
]
}
wid-sec-w-2024-3180
Vulnerability from csaf_certbund
Published
2024-10-14 22:00
Modified
2024-12-12 23:00
Summary
Apache Camel und mehrere Red Hat Produkte: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.
JBoss A-MQ ist eine Messaging-Plattform.
JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.
Red Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank für den schnellen Zugriff auf große Datenvolumen und Skalierbarkeit.
Angriff
Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Apache Camel und in mehreren Red Hat-Produkten ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und beliebigen Code auszuführen.
Betroffene Betriebssysteme
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.\r\nJBoss A-MQ ist eine Messaging-Plattform.\r\nJBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.\r\nRed Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank f\u00fcr den schnellen Zugriff auf gro\u00dfe Datenvolumen und Skalierbarkeit.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Apache Camel und in mehreren Red Hat-Produkten ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3180 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3180.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3180 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3180"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2024-10-14",
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8339 vom 2024-10-22",
"url": "https://access.redhat.com/errata/RHSA-2024:8339"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7174634"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8824 vom 2024-11-04",
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8823 vom 2024-11-04",
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8826 vom 2024-11-04",
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "external",
"summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11023 vom 2024-12-12",
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
}
],
"source_lang": "en-US",
"title": "Apache Camel und mehrere Red Hat Produkte: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-12T23:00:00.000+00:00",
"generator": {
"date": "2024-12-13T10:13:00.893+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-3180",
"initial_release_date": "2024-10-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-31T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-04T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-12-12T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.4.3",
"product": {
"name": "Apache Camel \u003c4.4.3",
"product_id": "T038353"
}
},
{
"category": "product_version",
"name": "4.4.3",
"product": {
"name": "Apache Camel 4.4.3",
"product_id": "T038353-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:camel:4.4.3"
}
}
}
],
"category": "product_name",
"name": "Camel"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.3",
"product": {
"name": "Atlassian Bamboo \u003c10.0.3",
"product_id": "T039274"
}
},
{
"category": "product_version",
"name": "10.0.3",
"product": {
"name": "Atlassian Bamboo 10.0.3",
"product_id": "T039274-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.8",
"product": {
"name": "Atlassian Bamboo \u003c9.6.8",
"product_id": "T039275"
}
},
{
"category": "product_version",
"name": "9.6.8",
"product": {
"name": "Atlassian Bamboo 9.6.8",
"product_id": "T039275-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.20",
"product": {
"name": "Atlassian Bamboo \u003c9.2.20",
"product_id": "T039276"
}
},
{
"category": "product_version",
"name": "9.2.20",
"product": {
"name": "Atlassian Bamboo 9.2.20",
"product_id": "T039276-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.2.20"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
"product_id": "T038741"
}
},
{
"category": "product_version",
"name": "7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
"product_id": "T038741-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Camel K 1",
"product": {
"name": "Red Hat Integration Camel K 1",
"product_id": "T031972",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:integration:camel_k_1"
}
}
}
],
"category": "product_name",
"name": "Integration"
},
{
"category": "product_name",
"name": "Red Hat JBoss A-MQ",
"product": {
"name": "Red Hat JBoss A-MQ",
"product_id": "T038357",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Data Grid",
"product": {
"name": "Red Hat JBoss Data Grid",
"product_id": "T038358",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Quarkus",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform Quarkus",
"product_id": "T038356",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:quarkus"
}
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat Produkten. Dieser Fehler betrifft das Nimbus Jose JWT-Paket aufgrund einer unsachgem\u00e4\u00dfen Behandlung von gro\u00dfen JWE p2c-Header-Werten im PasswordBasedDecrypter, was einen \u00fcberm\u00e4\u00dfigen Ressourcenverbrauch erm\u00f6glicht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-38809",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat Produkten. Dieser Fehler betrifft das Spring Web-Paket aufgrund einer unsachgem\u00e4\u00dfen ETag-Pr\u00e4fix-Validierung w\u00e4hrend des Parsings. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er eine b\u00f6swillig gestaltete bedingte HTTP-Anfrage sendet."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-38809"
},
{
"cve": "CVE-2024-38816",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat-Produkten. Dieser Fehler betrifft die Spring-Anwendungen aufgrund von unsachgem\u00e4\u00dfe Validierung von Dateipfaden bei der Verwendung der WebMvc.fn- oder WebFlux.fn-Frameworks, was eine Pfadumgehung erm\u00f6glicht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen wie Konfigurationsdateien, Umgebungsvariablen oder Authentifizierungsdaten offenzulegen. Die offengelegten Informationen k\u00f6nnen zur Durchf\u00fchrung weiterer Angriffe verwendet werden, einschlie\u00dflich der Ausweitung von Privilegien, lateraler Bewegungen oder Remotecodeausf\u00fchrung innerhalb des Systems."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-45294",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat-Produkten. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Behandlung von externen XML-Entit\u00e4ten in XSLT-Transformationen innerhalb von HAPI FHIR, wodurch b\u00f6sartiges XML mit DTD-Tags verarbeitet werden kann. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um XML XXE Injection durchzuf\u00fchren und so vertrauliche Informationen wie Dateien und Umgebungsvariablen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-45294"
},
{
"cve": "CVE-2024-47561",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat Produkten. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Behandlung von vom Benutzer bereitgestellten Avro-Schemata in Apache Avro. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuf\u00fchren, indem er das spezielle Attribut \u201ejava-class\u201c verwendet."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-47561"
}
]
}
wid-sec-w-2024-0899
Vulnerability from csaf_certbund
Published
2024-04-16 22:00
Modified
2024-04-16 22:00
Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0899 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0899.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0899 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0899"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle Fusion Middleware vom 2024-04-16",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixFMW"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-04-16T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:07:49.019+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0899",
"initial_release_date": "2024-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.2.1.3.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.3.0",
"product_id": "618028",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.3.0"
}
}
},
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.6",
"product": {
"name": "Oracle Fusion Middleware 8.5.6",
"product_id": "T024993",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.6"
}
}
},
{
"category": "product_version",
"name": "8.5.7",
"product": {
"name": "Oracle Fusion Middleware 8.5.7",
"product_id": "T034057",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.7"
}
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-0231",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2019-0231"
},
{
"cve": "CVE-2019-10172",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2019-10172"
},
{
"cve": "CVE-2019-13990",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2019-13990"
},
{
"cve": "CVE-2021-23369",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2021-23369"
},
{
"cve": "CVE-2022-1471",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-24329",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-24329"
},
{
"cve": "CVE-2022-25147",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-34169",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-34381",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-34381"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-45378",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-45378"
},
{
"cve": "CVE-2022-46337",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-46337"
},
{
"cve": "CVE-2022-48579",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-48579"
},
{
"cve": "CVE-2023-24021",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-24021"
},
{
"cve": "CVE-2023-2976",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-31122",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-31122"
},
{
"cve": "CVE-2023-33201",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-35116",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2023-35887",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-35887"
},
{
"cve": "CVE-2023-3635",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-37536",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-37536"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46218",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46589",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-1597",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-1597"
},
{
"cve": "CVE-2024-20991",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-20991"
},
{
"cve": "CVE-2024-20992",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-20992"
},
{
"cve": "CVE-2024-21006",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21006"
},
{
"cve": "CVE-2024-21007",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21007"
},
{
"cve": "CVE-2024-21117",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21117"
},
{
"cve": "CVE-2024-21118",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21118"
},
{
"cve": "CVE-2024-21119",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21119"
},
{
"cve": "CVE-2024-21120",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21120"
},
{
"cve": "CVE-2024-23635",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-23635"
},
{
"cve": "CVE-2024-26308",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-26308"
}
]
}
WID-SEC-W-2024-1650
Vulnerability from csaf_certbund
Published
2024-07-16 22:00
Modified
2024-07-16 22:00
Summary
Oracle Utilities Applications: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen Lösungen für Ver- und Entsorger.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen L\u00f6sungen f\u00fcr Ver- und Entsorger.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1650 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1650.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1650 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1650"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Utilities Applications vom 2024-07-16",
"url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixUTIL"
}
],
"source_lang": "en-US",
"title": "Oracle Utilities Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-07-16T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:11:29.436+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1650",
"initial_release_date": "2024-07-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "4.4.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.0.0",
"product_id": "T036262",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.2.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.2.0",
"product_id": "T036263",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.2.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.3.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.3.0",
"product_id": "T036264",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.3.0"
}
}
},
{
"category": "product_version",
"name": "4.5.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.5.0.0.0",
"product_id": "T036265",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.5.0.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=4.5.0.1.3",
"product": {
"name": "Oracle Utilities Applications \u003c=4.5.0.1.3",
"product_id": "T036266"
}
},
{
"category": "product_version",
"name": "24.1.0.0.0",
"product": {
"name": "Oracle Utilities Applications 24.1.0.0.0",
"product_id": "T036267",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:24.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "24.2.0.0.0",
"product": {
"name": "Oracle Utilities Applications 24.2.0.0.0",
"product_id": "T036268",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:24.2.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.3.0.6.0",
"product": {
"name": "Oracle Utilities Applications 4.3.0.6.0",
"product_id": "T036269",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.3.0.6.0"
}
}
}
],
"category": "product_name",
"name": "Utilities Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036262",
"T036267",
"T036268",
"T036269",
"T036263",
"T036264",
"T036265"
],
"last_affected": [
"T036266"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036262",
"T036267",
"T036268",
"T036269",
"T036263",
"T036264",
"T036265"
],
"last_affected": [
"T036266"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-29857"
}
]
}
wid-sec-w-2024-3507
Vulnerability from csaf_certbund
Published
2024-11-19 23:00
Modified
2024-11-19 23:00
Summary
Atlassian Jira Software: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Jira ist eine Webanwendung zur Softwareentwicklung.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Jira Software ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Jira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Jira Software ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3507 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3507.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3507 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3507"
},
{
"category": "external",
"summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Jira Software: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-19T23:00:00.000+00:00",
"generator": {
"date": "2024-11-20T10:42:47.633+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3507",
"initial_release_date": "2024-11-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.2",
"product": {
"name": "Atlassian Jira Software \u003c10.1.2",
"product_id": "T039317"
}
},
{
"category": "product_version",
"name": "10.1.2",
"product": {
"name": "Atlassian Jira Software 10.1.2",
"product_id": "T039317-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:10.1.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.1",
"product": {
"name": "Atlassian Jira Software \u003c10.1.1",
"product_id": "T039327"
}
},
{
"category": "product_version",
"name": "10.1.1",
"product": {
"name": "Atlassian Jira Software 10.1.1",
"product_id": "T039327-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.17.4",
"product": {
"name": "Atlassian Jira Software \u003c9.17.4",
"product_id": "T039328"
}
},
{
"category": "product_version",
"name": "9.17.4",
"product": {
"name": "Atlassian Jira Software 9.17.4",
"product_id": "T039328-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:9.17.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.17.5",
"product": {
"name": "Atlassian Jira Software \u003c9.17.5",
"product_id": "T039329"
}
},
{
"category": "product_version",
"name": "9.17.5",
"product": {
"name": "Atlassian Jira Software 9.17.5",
"product_id": "T039329-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:9.17.5"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c9.12.15",
"product": {
"name": "Atlassian Jira Software LTS \u003c9.12.15",
"product_id": "T039330"
}
},
{
"category": "product_version",
"name": "LTS 9.12.15",
"product": {
"name": "Atlassian Jira Software LTS 9.12.15",
"product_id": "T039330-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:lts__9.12.15"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c9.4.28",
"product": {
"name": "Atlassian Jira Software LTS \u003c9.4.28",
"product_id": "T039331"
}
},
{
"category": "product_version",
"name": "LTS 9.4.28",
"product": {
"name": "Atlassian Jira Software LTS 9.4.28",
"product_id": "T039331-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:lts__9.4.28"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c10.1.1",
"product": {
"name": "Atlassian Jira Software Service Management \u003c10.1.1",
"product_id": "T039332"
}
},
{
"category": "product_version",
"name": "Service Management 10.1.1",
"product": {
"name": "Atlassian Jira Software Service Management 10.1.1",
"product_id": "T039332-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management__10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c10.1.2",
"product": {
"name": "Atlassian Jira Software Service Management \u003c10.1.2",
"product_id": "T039333"
}
},
{
"category": "product_version",
"name": "Service Management 10.1.2",
"product": {
"name": "Atlassian Jira Software Service Management 10.1.2",
"product_id": "T039333-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management__10.1.2"
}
}
},
{
"category": "product_version_range",
"name": "Service Management LTS \u003c5.12.15",
"product": {
"name": "Atlassian Jira Software Service Management LTS \u003c5.12.15",
"product_id": "T039334"
}
},
{
"category": "product_version",
"name": "Service Management LTS 5.12.15",
"product": {
"name": "Atlassian Jira Software Service Management LTS 5.12.15",
"product_id": "T039334-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management_lts__5.12.15"
}
}
},
{
"category": "product_version_range",
"name": "Service Management LTS \u003c5.4.28",
"product": {
"name": "Atlassian Jira Software Service Management LTS \u003c5.4.28",
"product_id": "T039335"
}
},
{
"category": "product_version",
"name": "Service Management LTS 5.4.28",
"product": {
"name": "Atlassian Jira Software Service Management LTS 5.4.28",
"product_id": "T039335-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management_lts__5.4.28"
}
}
}
],
"category": "product_name",
"name": "Jira Software"
}
],
"category": "vendor",
"name": "Atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in der Atlassian Jira Software, die die Komponente com.nimbusds betrifft. Dieser Fehler ist auf die unsachgem\u00e4\u00dfe Handhabung von kryptographischen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T039331",
"T039330",
"T039329",
"T039317",
"T039328",
"T039327",
"T039333",
"T039332",
"T039335",
"T039334"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-45801",
"notes": [
{
"category": "description",
"text": "In Atlassian Jira Software Core Data Center and Server existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T039331",
"T039330",
"T039329",
"T039317",
"T039328",
"T039327",
"T039333",
"T039332",
"T039335",
"T039334"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-45801"
}
]
}
WID-SEC-W-2024-3180
Vulnerability from csaf_certbund
Published
2024-10-14 22:00
Modified
2024-12-12 23:00
Summary
Apache Camel und mehrere Red Hat Produkte: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.
JBoss A-MQ ist eine Messaging-Plattform.
JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.
Red Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank für den schnellen Zugriff auf große Datenvolumen und Skalierbarkeit.
Angriff
Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Apache Camel und in mehreren Red Hat-Produkten ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und beliebigen Code auszuführen.
Betroffene Betriebssysteme
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.\r\nJBoss A-MQ ist eine Messaging-Plattform.\r\nJBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.\r\nRed Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank f\u00fcr den schnellen Zugriff auf gro\u00dfe Datenvolumen und Skalierbarkeit.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Apache Camel und in mehreren Red Hat-Produkten ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3180 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3180.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3180 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3180"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2024-10-14",
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8339 vom 2024-10-22",
"url": "https://access.redhat.com/errata/RHSA-2024:8339"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7174634"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8824 vom 2024-11-04",
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8823 vom 2024-11-04",
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8826 vom 2024-11-04",
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "external",
"summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11023 vom 2024-12-12",
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
}
],
"source_lang": "en-US",
"title": "Apache Camel und mehrere Red Hat Produkte: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-12T23:00:00.000+00:00",
"generator": {
"date": "2024-12-13T10:13:00.893+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-3180",
"initial_release_date": "2024-10-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-31T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-04T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-12-12T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.4.3",
"product": {
"name": "Apache Camel \u003c4.4.3",
"product_id": "T038353"
}
},
{
"category": "product_version",
"name": "4.4.3",
"product": {
"name": "Apache Camel 4.4.3",
"product_id": "T038353-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:camel:4.4.3"
}
}
}
],
"category": "product_name",
"name": "Camel"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.3",
"product": {
"name": "Atlassian Bamboo \u003c10.0.3",
"product_id": "T039274"
}
},
{
"category": "product_version",
"name": "10.0.3",
"product": {
"name": "Atlassian Bamboo 10.0.3",
"product_id": "T039274-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.8",
"product": {
"name": "Atlassian Bamboo \u003c9.6.8",
"product_id": "T039275"
}
},
{
"category": "product_version",
"name": "9.6.8",
"product": {
"name": "Atlassian Bamboo 9.6.8",
"product_id": "T039275-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.20",
"product": {
"name": "Atlassian Bamboo \u003c9.2.20",
"product_id": "T039276"
}
},
{
"category": "product_version",
"name": "9.2.20",
"product": {
"name": "Atlassian Bamboo 9.2.20",
"product_id": "T039276-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.2.20"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
"product_id": "T038741"
}
},
{
"category": "product_version",
"name": "7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
"product_id": "T038741-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Camel K 1",
"product": {
"name": "Red Hat Integration Camel K 1",
"product_id": "T031972",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:integration:camel_k_1"
}
}
}
],
"category": "product_name",
"name": "Integration"
},
{
"category": "product_name",
"name": "Red Hat JBoss A-MQ",
"product": {
"name": "Red Hat JBoss A-MQ",
"product_id": "T038357",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Data Grid",
"product": {
"name": "Red Hat JBoss Data Grid",
"product_id": "T038358",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Quarkus",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform Quarkus",
"product_id": "T038356",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:quarkus"
}
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat Produkten. Dieser Fehler betrifft das Nimbus Jose JWT-Paket aufgrund einer unsachgem\u00e4\u00dfen Behandlung von gro\u00dfen JWE p2c-Header-Werten im PasswordBasedDecrypter, was einen \u00fcberm\u00e4\u00dfigen Ressourcenverbrauch erm\u00f6glicht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-38809",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat Produkten. Dieser Fehler betrifft das Spring Web-Paket aufgrund einer unsachgem\u00e4\u00dfen ETag-Pr\u00e4fix-Validierung w\u00e4hrend des Parsings. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er eine b\u00f6swillig gestaltete bedingte HTTP-Anfrage sendet."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-38809"
},
{
"cve": "CVE-2024-38816",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat-Produkten. Dieser Fehler betrifft die Spring-Anwendungen aufgrund von unsachgem\u00e4\u00dfe Validierung von Dateipfaden bei der Verwendung der WebMvc.fn- oder WebFlux.fn-Frameworks, was eine Pfadumgehung erm\u00f6glicht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen wie Konfigurationsdateien, Umgebungsvariablen oder Authentifizierungsdaten offenzulegen. Die offengelegten Informationen k\u00f6nnen zur Durchf\u00fchrung weiterer Angriffe verwendet werden, einschlie\u00dflich der Ausweitung von Privilegien, lateraler Bewegungen oder Remotecodeausf\u00fchrung innerhalb des Systems."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-45294",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat-Produkten. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Behandlung von externen XML-Entit\u00e4ten in XSLT-Transformationen innerhalb von HAPI FHIR, wodurch b\u00f6sartiges XML mit DTD-Tags verarbeitet werden kann. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um XML XXE Injection durchzuf\u00fchren und so vertrauliche Informationen wie Dateien und Umgebungsvariablen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-45294"
},
{
"cve": "CVE-2024-47561",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Apache Camel und mehreren Red Hat Produkten. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Behandlung von vom Benutzer bereitgestellten Avro-Schemata in Apache Avro. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuf\u00fchren, indem er das spezielle Attribut \u201ejava-class\u201c verwendet."
}
],
"product_status": {
"known_affected": [
"T039274",
"T039276",
"T031972",
"T039275",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-47561"
}
]
}
WID-SEC-W-2024-3507
Vulnerability from csaf_certbund
Published
2024-11-19 23:00
Modified
2024-11-19 23:00
Summary
Atlassian Jira Software: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Jira ist eine Webanwendung zur Softwareentwicklung.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Jira Software ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Jira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Jira Software ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3507 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3507.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3507 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3507"
},
{
"category": "external",
"summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Jira Software: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-19T23:00:00.000+00:00",
"generator": {
"date": "2024-11-20T10:42:47.633+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3507",
"initial_release_date": "2024-11-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.2",
"product": {
"name": "Atlassian Jira Software \u003c10.1.2",
"product_id": "T039317"
}
},
{
"category": "product_version",
"name": "10.1.2",
"product": {
"name": "Atlassian Jira Software 10.1.2",
"product_id": "T039317-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:10.1.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.1",
"product": {
"name": "Atlassian Jira Software \u003c10.1.1",
"product_id": "T039327"
}
},
{
"category": "product_version",
"name": "10.1.1",
"product": {
"name": "Atlassian Jira Software 10.1.1",
"product_id": "T039327-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.17.4",
"product": {
"name": "Atlassian Jira Software \u003c9.17.4",
"product_id": "T039328"
}
},
{
"category": "product_version",
"name": "9.17.4",
"product": {
"name": "Atlassian Jira Software 9.17.4",
"product_id": "T039328-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:9.17.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.17.5",
"product": {
"name": "Atlassian Jira Software \u003c9.17.5",
"product_id": "T039329"
}
},
{
"category": "product_version",
"name": "9.17.5",
"product": {
"name": "Atlassian Jira Software 9.17.5",
"product_id": "T039329-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:9.17.5"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c9.12.15",
"product": {
"name": "Atlassian Jira Software LTS \u003c9.12.15",
"product_id": "T039330"
}
},
{
"category": "product_version",
"name": "LTS 9.12.15",
"product": {
"name": "Atlassian Jira Software LTS 9.12.15",
"product_id": "T039330-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:lts__9.12.15"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c9.4.28",
"product": {
"name": "Atlassian Jira Software LTS \u003c9.4.28",
"product_id": "T039331"
}
},
{
"category": "product_version",
"name": "LTS 9.4.28",
"product": {
"name": "Atlassian Jira Software LTS 9.4.28",
"product_id": "T039331-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:lts__9.4.28"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c10.1.1",
"product": {
"name": "Atlassian Jira Software Service Management \u003c10.1.1",
"product_id": "T039332"
}
},
{
"category": "product_version",
"name": "Service Management 10.1.1",
"product": {
"name": "Atlassian Jira Software Service Management 10.1.1",
"product_id": "T039332-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management__10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c10.1.2",
"product": {
"name": "Atlassian Jira Software Service Management \u003c10.1.2",
"product_id": "T039333"
}
},
{
"category": "product_version",
"name": "Service Management 10.1.2",
"product": {
"name": "Atlassian Jira Software Service Management 10.1.2",
"product_id": "T039333-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management__10.1.2"
}
}
},
{
"category": "product_version_range",
"name": "Service Management LTS \u003c5.12.15",
"product": {
"name": "Atlassian Jira Software Service Management LTS \u003c5.12.15",
"product_id": "T039334"
}
},
{
"category": "product_version",
"name": "Service Management LTS 5.12.15",
"product": {
"name": "Atlassian Jira Software Service Management LTS 5.12.15",
"product_id": "T039334-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management_lts__5.12.15"
}
}
},
{
"category": "product_version_range",
"name": "Service Management LTS \u003c5.4.28",
"product": {
"name": "Atlassian Jira Software Service Management LTS \u003c5.4.28",
"product_id": "T039335"
}
},
{
"category": "product_version",
"name": "Service Management LTS 5.4.28",
"product": {
"name": "Atlassian Jira Software Service Management LTS 5.4.28",
"product_id": "T039335-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management_lts__5.4.28"
}
}
}
],
"category": "product_name",
"name": "Jira Software"
}
],
"category": "vendor",
"name": "Atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in der Atlassian Jira Software, die die Komponente com.nimbusds betrifft. Dieser Fehler ist auf die unsachgem\u00e4\u00dfe Handhabung von kryptographischen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T039331",
"T039330",
"T039329",
"T039317",
"T039328",
"T039327",
"T039333",
"T039332",
"T039335",
"T039334"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-45801",
"notes": [
{
"category": "description",
"text": "In Atlassian Jira Software Core Data Center and Server existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T039331",
"T039330",
"T039329",
"T039317",
"T039328",
"T039327",
"T039333",
"T039332",
"T039335",
"T039334"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-45801"
}
]
}
wid-sec-w-2025-0225
Vulnerability from csaf_certbund
Published
2025-01-30 23:00
Modified
2025-08-04 22:00
Summary
Dell PowerProtect Data Domain: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dell PowerProtect Data Domain Appliances sind speziell für Backup und Daten-Deduplizierung ausgelegte Systeme.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um erhöhte Rechte zu erlangen, einen Denial-of-Service-Zustand herbeizuführen und einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell PowerProtect Data Domain Appliances sind speziell f\u00fcr Backup und Daten-Deduplizierung ausgelegte Systeme.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um erh\u00f6hte Rechte zu erlangen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0225 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0225.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0225 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0225"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-022 vom 2025-01-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2804 vom 2025-04-02",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2804.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7429-2 vom 2025-04-09",
"url": "https://ubuntu.com/security/notices/USN-7429-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7429-1 vom 2025-04-09",
"url": "https://ubuntu.com/security/notices/USN-7429-1"
},
{
"category": "external",
"summary": "Security Update for Dell PowerProtect Data Domain",
"url": "https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Dell PowerProtect Data Domain: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-04T22:00:00.000+00:00",
"generator": {
"date": "2025-08-05T07:21:04.568+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-0225",
"initial_release_date": "2025-01-30T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-30T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-04-01T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.3.0.0",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.3.0.0",
"product_id": "T040718"
}
},
{
"category": "product_version",
"name": "8.3.0.0",
"product": {
"name": "Dell PowerProtect Data Domain 8.3.0.0",
"product_id": "T040718-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.3.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.20",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.13.1.20",
"product_id": "T040719"
}
},
{
"category": "product_version",
"name": "7.13.1.20",
"product": {
"name": "Dell PowerProtect Data Domain 7.13.1.20",
"product_id": "T040719-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.20"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.50",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.10.1.50",
"product_id": "T040721"
}
},
{
"category": "product_version",
"name": "7.10.1.50",
"product": {
"name": "Dell PowerProtect Data Domain 7.10.1.50",
"product_id": "T040721-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.50"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain",
"product": {
"name": "Dell PowerProtect Data Domain",
"product_id": "T045852",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:-"
}
}
}
],
"category": "product_name",
"name": "PowerProtect Data Domain"
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain Management Center",
"product": {
"name": "Dell PowerProtect Data Domain Management Center",
"product_id": "T045853",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain_management_center:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain OS",
"product": {
"name": "Dell PowerProtect Data Domain OS",
"product_id": "T045854",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-4235",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2013-4235"
},
{
"cve": "CVE-2015-8100",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2015-8100"
},
{
"cve": "CVE-2017-9271",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2017-9271"
},
{
"cve": "CVE-2018-6798",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2018-6798"
},
{
"cve": "CVE-2018-6913",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2018-6913"
},
{
"cve": "CVE-2019-20633",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2019-20633"
},
{
"cve": "CVE-2019-20892",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2019-20892"
},
{
"cve": "CVE-2020-12762",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2020-12762"
},
{
"cve": "CVE-2020-15861",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2020-15861"
},
{
"cve": "CVE-2020-15862",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2020-15862"
},
{
"cve": "CVE-2021-3521",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-3521"
},
{
"cve": "CVE-2021-37750",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-37750"
},
{
"cve": "CVE-2021-46933",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-46933"
},
{
"cve": "CVE-2021-46955",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-46955"
},
{
"cve": "CVE-2021-47074",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47074"
},
{
"cve": "CVE-2021-47113",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47113"
},
{
"cve": "CVE-2021-47131",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47131"
},
{
"cve": "CVE-2021-47162",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2021-47171",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47171"
},
{
"cve": "CVE-2021-47188",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47188"
},
{
"cve": "CVE-2021-47206",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47206"
},
{
"cve": "CVE-2021-47220",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47220"
},
{
"cve": "CVE-2021-47229",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47229"
},
{
"cve": "CVE-2021-47231",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47231"
},
{
"cve": "CVE-2021-47235",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2021-47235"
},
{
"cve": "CVE-2022-2601",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-2601"
},
{
"cve": "CVE-2022-3775",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-3775"
},
{
"cve": "CVE-2022-44792",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-44792"
},
{
"cve": "CVE-2022-44793",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-44793"
},
{
"cve": "CVE-2022-48566",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2022-48566"
},
{
"cve": "CVE-2023-27043",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2023-28074",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-28074"
},
{
"cve": "CVE-2023-3164",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-3164"
},
{
"cve": "CVE-2023-36632",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-36632"
},
{
"cve": "CVE-2023-4421",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-4421"
},
{
"cve": "CVE-2023-44487",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45288",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-45733",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-45733"
},
{
"cve": "CVE-2023-45745",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-45745"
},
{
"cve": "CVE-2023-45918",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-45918"
},
{
"cve": "CVE-2023-46103",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-46103"
},
{
"cve": "CVE-2023-4692",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-4692"
},
{
"cve": "CVE-2023-47233",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-47855",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-47855"
},
{
"cve": "CVE-2023-49083",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-50782",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-50782"
},
{
"cve": "CVE-2023-52425",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2023-52428",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2023-52527",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52527"
},
{
"cve": "CVE-2023-52586",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52586"
},
{
"cve": "CVE-2023-52591",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52646",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52646"
},
{
"cve": "CVE-2023-52653",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-52655",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52655"
},
{
"cve": "CVE-2023-52664",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52664"
},
{
"cve": "CVE-2023-52685",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52685"
},
{
"cve": "CVE-2023-52686",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52686"
},
{
"cve": "CVE-2023-52691",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52691"
},
{
"cve": "CVE-2023-52696",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52696"
},
{
"cve": "CVE-2023-52698",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52698"
},
{
"cve": "CVE-2023-52703",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52703"
},
{
"cve": "CVE-2023-52730",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52730"
},
{
"cve": "CVE-2023-52732",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52732"
},
{
"cve": "CVE-2023-52741",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52741"
},
{
"cve": "CVE-2023-52742",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52742"
},
{
"cve": "CVE-2023-52747",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52747"
},
{
"cve": "CVE-2023-52759",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52759"
},
{
"cve": "CVE-2023-52774",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52774"
},
{
"cve": "CVE-2023-52781",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52781"
},
{
"cve": "CVE-2023-52796",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52796"
},
{
"cve": "CVE-2023-52803",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52803"
},
{
"cve": "CVE-2023-52821",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52821"
},
{
"cve": "CVE-2023-52864",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52864"
},
{
"cve": "CVE-2023-52865",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52865"
},
{
"cve": "CVE-2023-52867",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52867"
},
{
"cve": "CVE-2023-52875",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52875"
},
{
"cve": "CVE-2023-52880",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-52880"
},
{
"cve": "CVE-2023-5388",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-5388"
},
{
"cve": "CVE-2023-5752",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-5752"
},
{
"cve": "CVE-2023-5992",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-5992"
},
{
"cve": "CVE-2023-6597",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2024-0397",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-0397"
},
{
"cve": "CVE-2024-0450",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-0639",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-0639"
},
{
"cve": "CVE-2024-0727",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-1737",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-1737"
},
{
"cve": "CVE-2024-1975",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-1975"
},
{
"cve": "CVE-2024-2004",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-2004"
},
{
"cve": "CVE-2024-20696",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-20696"
},
{
"cve": "CVE-2024-22195",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-22195"
},
{
"cve": "CVE-2024-2398",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-24577",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-24577"
},
{
"cve": "CVE-2024-24790",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-24790"
},
{
"cve": "CVE-2024-2511",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-25710",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-26130",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-26458",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26458"
},
{
"cve": "CVE-2024-26461",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26461"
},
{
"cve": "CVE-2024-26625",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26625"
},
{
"cve": "CVE-2024-26739",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26752",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26752"
},
{
"cve": "CVE-2024-26775",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26775"
},
{
"cve": "CVE-2024-26791",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26791"
},
{
"cve": "CVE-2024-26828",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26846",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26846"
},
{
"cve": "CVE-2024-26874",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26874"
},
{
"cve": "CVE-2024-26876",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26876"
},
{
"cve": "CVE-2024-26900",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26900"
},
{
"cve": "CVE-2024-26915",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26915"
},
{
"cve": "CVE-2024-26920",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26920"
},
{
"cve": "CVE-2024-26921",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26921"
},
{
"cve": "CVE-2024-26929",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-26934",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26957",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26957"
},
{
"cve": "CVE-2024-26958",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26984",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26984"
},
{
"cve": "CVE-2024-26996",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-26996"
},
{
"cve": "CVE-2024-27008",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27008"
},
{
"cve": "CVE-2024-27054",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27059",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27062",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27062"
},
{
"cve": "CVE-2024-27388",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27388"
},
{
"cve": "CVE-2024-27396",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27398",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-27401",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27401"
},
{
"cve": "CVE-2024-27419",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27419"
},
{
"cve": "CVE-2024-27436",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-27436"
},
{
"cve": "CVE-2024-28085",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-28182",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-2961",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-32487",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-32487"
},
{
"cve": "CVE-2024-33599",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-33871",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-33871"
},
{
"cve": "CVE-2024-34062",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-34062"
},
{
"cve": "CVE-2024-34064",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-34459",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-34459"
},
{
"cve": "CVE-2024-35195",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-35235",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35235"
},
{
"cve": "CVE-2024-35789",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35791",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35791"
},
{
"cve": "CVE-2024-35809",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35809"
},
{
"cve": "CVE-2024-35811",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35830",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35830"
},
{
"cve": "CVE-2024-35849",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35849"
},
{
"cve": "CVE-2024-35877",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35877"
},
{
"cve": "CVE-2024-35878",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35878"
},
{
"cve": "CVE-2024-35887",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35887"
},
{
"cve": "CVE-2024-35895",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35914",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35914"
},
{
"cve": "CVE-2024-35932",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35932"
},
{
"cve": "CVE-2024-35935",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35935"
},
{
"cve": "CVE-2024-35936",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35936"
},
{
"cve": "CVE-2024-35944",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35944"
},
{
"cve": "CVE-2024-35955",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35969",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35982",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-35982"
},
{
"cve": "CVE-2024-36015",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-36015"
},
{
"cve": "CVE-2024-36029",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-36029"
},
{
"cve": "CVE-2024-3651",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-3651"
},
{
"cve": "CVE-2024-36954",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-36954"
},
{
"cve": "CVE-2024-37370",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37891",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38428",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-38428"
},
{
"cve": "CVE-2024-39689",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-39689"
},
{
"cve": "CVE-2024-4032",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-4032"
},
{
"cve": "CVE-2024-41110",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-41110"
},
{
"cve": "CVE-2024-4317",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-4317"
},
{
"cve": "CVE-2024-4741",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-5206",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-5206"
},
{
"cve": "CVE-2024-5535",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-6232",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-6345",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-6345"
},
{
"cve": "CVE-2024-6655",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-6655"
},
{
"cve": "CVE-2024-7264",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-7264"
},
{
"cve": "CVE-2024-7592",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-7592"
},
{
"cve": "CVE-2024-53295",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-53295"
},
{
"cve": "CVE-2024-51534",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-51534"
},
{
"cve": "CVE-2024-53296",
"product_status": {
"known_affected": [
"T045853",
"T040719",
"T045852",
"T040718",
"T045854",
"T000126",
"T040721",
"398363"
]
},
"release_date": "2025-01-30T23:00:00.000+00:00",
"title": "CVE-2024-53296"
}
]
}
WID-SEC-W-2024-0899
Vulnerability from csaf_certbund
Published
2024-04-16 22:00
Modified
2024-04-16 22:00
Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0899 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0899.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0899 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0899"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle Fusion Middleware vom 2024-04-16",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixFMW"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-04-16T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:07:49.019+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0899",
"initial_release_date": "2024-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.2.1.3.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.3.0",
"product_id": "618028",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.3.0"
}
}
},
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.6",
"product": {
"name": "Oracle Fusion Middleware 8.5.6",
"product_id": "T024993",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.6"
}
}
},
{
"category": "product_version",
"name": "8.5.7",
"product": {
"name": "Oracle Fusion Middleware 8.5.7",
"product_id": "T034057",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.7"
}
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-0231",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2019-0231"
},
{
"cve": "CVE-2019-10172",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2019-10172"
},
{
"cve": "CVE-2019-13990",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2019-13990"
},
{
"cve": "CVE-2021-23369",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2021-23369"
},
{
"cve": "CVE-2022-1471",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-24329",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-24329"
},
{
"cve": "CVE-2022-25147",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-34169",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-34381",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-34381"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-45378",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-45378"
},
{
"cve": "CVE-2022-46337",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-46337"
},
{
"cve": "CVE-2022-48579",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-48579"
},
{
"cve": "CVE-2023-24021",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-24021"
},
{
"cve": "CVE-2023-2976",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-31122",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-31122"
},
{
"cve": "CVE-2023-33201",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-35116",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2023-35887",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-35887"
},
{
"cve": "CVE-2023-3635",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-37536",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-37536"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46218",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46589",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-1597",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-1597"
},
{
"cve": "CVE-2024-20991",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-20991"
},
{
"cve": "CVE-2024-20992",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-20992"
},
{
"cve": "CVE-2024-21006",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21006"
},
{
"cve": "CVE-2024-21007",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21007"
},
{
"cve": "CVE-2024-21117",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21117"
},
{
"cve": "CVE-2024-21118",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21118"
},
{
"cve": "CVE-2024-21119",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21119"
},
{
"cve": "CVE-2024-21120",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21120"
},
{
"cve": "CVE-2024-23635",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-23635"
},
{
"cve": "CVE-2024-26308",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-26308"
}
]
}
wid-sec-w-2024-0868
Vulnerability from csaf_certbund
Published
2024-04-16 22:00
Modified
2024-04-16 22:00
Summary
Oracle Construction and Engineering: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterstützung von Bau- und Ingenieurbüros. Sie umfasst u. a. Projektmanagement-Lösungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von Änderungen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterst\u00fctzung von Bau- und Ingenieurb\u00fcros. Sie umfasst u. a. Projektmanagement-L\u00f6sungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von \u00c4nderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0868 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0868.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0868 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0868"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle Construction and Engineering vom 2024-04-16",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixPVA"
}
],
"source_lang": "en-US",
"title": "Oracle Construction and Engineering: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-04-16T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:07:39.814+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0868",
"initial_release_date": "2024-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=19.12.16",
"product": {
"name": "Oracle Construction and Engineering \u003c=19.12.16",
"product_id": "T027345"
}
},
{
"category": "product_version_range",
"name": "\u003c=20.12.16",
"product": {
"name": "Oracle Construction and Engineering \u003c=20.12.16",
"product_id": "T027346"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.12.22",
"product": {
"name": "Oracle Construction and Engineering \u003c=19.12.22",
"product_id": "T032095"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.12.17",
"product": {
"name": "Oracle Construction and Engineering \u003c=21.12.17",
"product_id": "T032097"
}
},
{
"category": "product_version_range",
"name": "\u003c=20.12.21",
"product": {
"name": "Oracle Construction and Engineering \u003c=20.12.21",
"product_id": "T034151"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.12.18",
"product": {
"name": "Oracle Construction and Engineering \u003c=21.12.18",
"product_id": "T034152"
}
},
{
"category": "product_version_range",
"name": "\u003c=22.12.12",
"product": {
"name": "Oracle Construction and Engineering \u003c=22.12.12",
"product_id": "T034153"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.12.2",
"product": {
"name": "Oracle Construction and Engineering \u003c=23.12.2",
"product_id": "T034154"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.12.18",
"product": {
"name": "Oracle Construction and Engineering \u003c=19.12.18",
"product_id": "T034155"
}
},
{
"category": "product_version_range",
"name": "\u003c=20.12.13",
"product": {
"name": "Oracle Construction and Engineering \u003c=20.12.13",
"product_id": "T034156"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.12.11",
"product": {
"name": "Oracle Construction and Engineering \u003c=21.12.11",
"product_id": "T034157"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.12.3",
"product": {
"name": "Oracle Construction and Engineering \u003c=23.12.3",
"product_id": "T034158"
}
}
],
"category": "product_name",
"name": "Construction and Engineering"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-50386",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-50386"
},
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-21095",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21095"
},
{
"cve": "CVE-2024-22243",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-22243"
},
{
"cve": "CVE-2024-26308",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-26308"
}
]
}
WID-SEC-W-2024-1758
Vulnerability from csaf_certbund
Published
2024-08-05 22:00
Modified
2024-08-05 22:00
Summary
IBM InfoSphere Information Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um einen Denial of Service Angriff durchzuführen und vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren und vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1758 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1758.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1758 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1758"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2024-08-05",
"url": "https://www.ibm.com/support/pages/node/7160580"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2024-08-05",
"url": "https://www.ibm.com/support/pages/node/7160967"
}
],
"source_lang": "en-US",
"title": "IBM InfoSphere Information Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-05T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:11:56.677+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1758",
"initial_release_date": "2024-08-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.7.1.0",
"product": {
"name": "IBM InfoSphere Information Server \u003c11.7.1.0",
"product_id": "T036611"
}
},
{
"category": "product_version_range",
"name": "\u003c11.7.1.5",
"product": {
"name": "IBM InfoSphere Information Server \u003c11.7.1.5",
"product_id": "T036613"
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es besteht eine Sicherheitsl\u00fccke in IBM InfoSphere Information Server. Dieser Fehler betrifft die Komponente PasswordBasedDecrypter (PBKDF2) aufgrund einer unsachgem\u00e4\u00dfen Validierung von Benutzeranfragen, was zu einem m\u00f6glichen Systemabsturz f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"release_date": "2024-08-05T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-39751",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM InfoSphere Information Server aufgrund einer unsachgem\u00e4\u00dfen Fehlerbehandlung. Wenn ein Fehler auftritt, werden detaillierte technische Fehlermeldungen in den Browser zur\u00fcckgegeben, die m\u00f6glicherweise vertrauliche Informationen preisgeben. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Zugang zu detaillierten Informationen \u00fcber das System zu erhalten, die dann verwendet werden k\u00f6nnen, um weitere Angriffe gegen das System zu erm\u00f6glichen."
}
],
"release_date": "2024-08-05T22:00:00.000+00:00",
"title": "CVE-2024-39751"
}
]
}
wid-sec-w-2024-3508
Vulnerability from csaf_certbund
Published
2024-11-19 23:00
Modified
2024-11-19 23:00
Summary
Atlassian Confluence: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Confluence ist eine kommerzielle Wiki-Software.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um einen Denial of Service Angriff durchzuführen, vertrauliche Informationen preiszugeben und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Confluence ist eine kommerzielle Wiki-Software.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, vertrauliche Informationen preiszugeben und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3508 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3508.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3508 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3508"
},
{
"category": "external",
"summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Confluence: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-19T23:00:00.000+00:00",
"generator": {
"date": "2024-11-20T10:42:48.003+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3508",
"initial_release_date": "2024-11-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.1",
"product": {
"name": "Atlassian Confluence \u003c9.1.1",
"product_id": "T039313"
}
},
{
"category": "product_version",
"name": "9.1.1",
"product": {
"name": "Atlassian Confluence 9.1.1",
"product_id": "T039313-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.9.8",
"product": {
"name": "Atlassian Confluence \u003c8.9.8",
"product_id": "T039314"
}
},
{
"category": "product_version",
"name": "8.9.8",
"product": {
"name": "Atlassian Confluence 8.9.8",
"product_id": "T039314-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.9.8"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c8.5.17",
"product": {
"name": "Atlassian Confluence LTS \u003c8.5.17",
"product_id": "T039315"
}
},
{
"category": "product_version",
"name": "LTS 8.5.17",
"product": {
"name": "Atlassian Confluence LTS 8.5.17",
"product_id": "T039315-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:lts__8.5.17"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c7.19.29",
"product": {
"name": "Atlassian Confluence LTS \u003c7.19.29",
"product_id": "T039316"
}
},
{
"category": "product_version",
"name": "LTS 7.19.29",
"product": {
"name": "Atlassian Confluence LTS 7.19.29",
"product_id": "T039316-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:lts__7.19.29"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-38900",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2022-38900"
},
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-24549",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-30172",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-4068",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2023-46234",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Atlassian Confluence. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Handhabung der kryptographischen Signatur\u00fcberpr\u00fcfung. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um die Authentifizierung und Sitzungsverwaltung zu umgehen."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2023-46234"
},
{
"cve": "CVE-2024-38816",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Atlassian Confluence. Dieser Fehler betrifft spring-webmvc aufgrund eines Path Traversal Problems bei der Verwendung bestimmter Konfigurationen (RouterFunctions mit FileSystemResource). Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T039315",
"T039314",
"T039316",
"T039313"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-38816"
}
]
}
wid-sec-w-2024-1758
Vulnerability from csaf_certbund
Published
2024-08-05 22:00
Modified
2024-08-05 22:00
Summary
IBM InfoSphere Information Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um einen Denial of Service Angriff durchzuführen und vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren und vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1758 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1758.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1758 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1758"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2024-08-05",
"url": "https://www.ibm.com/support/pages/node/7160580"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2024-08-05",
"url": "https://www.ibm.com/support/pages/node/7160967"
}
],
"source_lang": "en-US",
"title": "IBM InfoSphere Information Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-05T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:11:56.677+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1758",
"initial_release_date": "2024-08-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.7.1.0",
"product": {
"name": "IBM InfoSphere Information Server \u003c11.7.1.0",
"product_id": "T036611"
}
},
{
"category": "product_version_range",
"name": "\u003c11.7.1.5",
"product": {
"name": "IBM InfoSphere Information Server \u003c11.7.1.5",
"product_id": "T036613"
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es besteht eine Sicherheitsl\u00fccke in IBM InfoSphere Information Server. Dieser Fehler betrifft die Komponente PasswordBasedDecrypter (PBKDF2) aufgrund einer unsachgem\u00e4\u00dfen Validierung von Benutzeranfragen, was zu einem m\u00f6glichen Systemabsturz f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"release_date": "2024-08-05T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-39751",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM InfoSphere Information Server aufgrund einer unsachgem\u00e4\u00dfen Fehlerbehandlung. Wenn ein Fehler auftritt, werden detaillierte technische Fehlermeldungen in den Browser zur\u00fcckgegeben, die m\u00f6glicherweise vertrauliche Informationen preisgeben. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Zugang zu detaillierten Informationen \u00fcber das System zu erhalten, die dann verwendet werden k\u00f6nnen, um weitere Angriffe gegen das System zu erm\u00f6glichen."
}
],
"release_date": "2024-08-05T22:00:00.000+00:00",
"title": "CVE-2024-39751"
}
]
}
wid-sec-w-2024-1650
Vulnerability from csaf_certbund
Published
2024-07-16 22:00
Modified
2024-07-16 22:00
Summary
Oracle Utilities Applications: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen Lösungen für Ver- und Entsorger.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen L\u00f6sungen f\u00fcr Ver- und Entsorger.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1650 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1650.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1650 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1650"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Utilities Applications vom 2024-07-16",
"url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixUTIL"
}
],
"source_lang": "en-US",
"title": "Oracle Utilities Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-07-16T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:11:29.436+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1650",
"initial_release_date": "2024-07-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "4.4.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.0.0",
"product_id": "T036262",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.2.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.2.0",
"product_id": "T036263",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.2.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.3.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.3.0",
"product_id": "T036264",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.3.0"
}
}
},
{
"category": "product_version",
"name": "4.5.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.5.0.0.0",
"product_id": "T036265",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.5.0.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=4.5.0.1.3",
"product": {
"name": "Oracle Utilities Applications \u003c=4.5.0.1.3",
"product_id": "T036266"
}
},
{
"category": "product_version",
"name": "24.1.0.0.0",
"product": {
"name": "Oracle Utilities Applications 24.1.0.0.0",
"product_id": "T036267",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:24.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "24.2.0.0.0",
"product": {
"name": "Oracle Utilities Applications 24.2.0.0.0",
"product_id": "T036268",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:24.2.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.3.0.6.0",
"product": {
"name": "Oracle Utilities Applications 4.3.0.6.0",
"product_id": "T036269",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.3.0.6.0"
}
}
}
],
"category": "product_name",
"name": "Utilities Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036262",
"T036267",
"T036268",
"T036269",
"T036263",
"T036264",
"T036265"
],
"last_affected": [
"T036266"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036262",
"T036267",
"T036268",
"T036269",
"T036263",
"T036264",
"T036265"
],
"last_affected": [
"T036266"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-29857"
}
]
}
WID-SEC-W-2024-0868
Vulnerability from csaf_certbund
Published
2024-04-16 22:00
Modified
2024-04-16 22:00
Summary
Oracle Construction and Engineering: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterstützung von Bau- und Ingenieurbüros. Sie umfasst u. a. Projektmanagement-Lösungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von Änderungen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterst\u00fctzung von Bau- und Ingenieurb\u00fcros. Sie umfasst u. a. Projektmanagement-L\u00f6sungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von \u00c4nderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0868 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0868.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0868 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0868"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle Construction and Engineering vom 2024-04-16",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixPVA"
}
],
"source_lang": "en-US",
"title": "Oracle Construction and Engineering: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-04-16T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:07:39.814+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0868",
"initial_release_date": "2024-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=19.12.16",
"product": {
"name": "Oracle Construction and Engineering \u003c=19.12.16",
"product_id": "T027345"
}
},
{
"category": "product_version_range",
"name": "\u003c=20.12.16",
"product": {
"name": "Oracle Construction and Engineering \u003c=20.12.16",
"product_id": "T027346"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.12.22",
"product": {
"name": "Oracle Construction and Engineering \u003c=19.12.22",
"product_id": "T032095"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.12.17",
"product": {
"name": "Oracle Construction and Engineering \u003c=21.12.17",
"product_id": "T032097"
}
},
{
"category": "product_version_range",
"name": "\u003c=20.12.21",
"product": {
"name": "Oracle Construction and Engineering \u003c=20.12.21",
"product_id": "T034151"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.12.18",
"product": {
"name": "Oracle Construction and Engineering \u003c=21.12.18",
"product_id": "T034152"
}
},
{
"category": "product_version_range",
"name": "\u003c=22.12.12",
"product": {
"name": "Oracle Construction and Engineering \u003c=22.12.12",
"product_id": "T034153"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.12.2",
"product": {
"name": "Oracle Construction and Engineering \u003c=23.12.2",
"product_id": "T034154"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.12.18",
"product": {
"name": "Oracle Construction and Engineering \u003c=19.12.18",
"product_id": "T034155"
}
},
{
"category": "product_version_range",
"name": "\u003c=20.12.13",
"product": {
"name": "Oracle Construction and Engineering \u003c=20.12.13",
"product_id": "T034156"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.12.11",
"product": {
"name": "Oracle Construction and Engineering \u003c=21.12.11",
"product_id": "T034157"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.12.3",
"product": {
"name": "Oracle Construction and Engineering \u003c=23.12.3",
"product_id": "T034158"
}
}
],
"category": "product_name",
"name": "Construction and Engineering"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-50386",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-50386"
},
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-21095",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21095"
},
{
"cve": "CVE-2024-22243",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-22243"
},
{
"cve": "CVE-2024-26308",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-26308"
}
]
}
CERTFR-2025-AVI-0052
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Oracle Database Server. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Database Server | Database Migration Assistant for Unicode version 19.1 | ||
| Oracle | Database Server | Oracle Database Server (Java VM) versions 19.3 à 19.25 | ||
| Oracle | Database Server | Oracle Database Server (Java VM) versions 23.4 à 23.6 | ||
| Oracle | Database Server | Oracle Graal Development Kit for Micronaut versions 23.5 à 23.6 | ||
| Oracle | Database Server | Oracle Database Server (Oracle Database Data Mining) versions 21.3 à 21.16 | ||
| Oracle | Database Server | Oracle Database Server (Java VM) versions 21.3 à 21.16 | ||
| Oracle | Database Server | Oracle Database Server (GraalVM Multilingual Engine) versions 21.4 à 21.16 | ||
| Oracle | Database Server | Oracle Database Server (GraalVM Multilingual Engine) versions 23.5 à 23.6 | ||
| Oracle | Database Server | Oracle Database Server (Oracle Database Data Mining) versions 19.3 à 19.25 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Database Migration Assistant for Unicode version 19.1",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Java VM) versions 19.3 \u00e0 19.25",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Java VM) versions 23.4 \u00e0 23.6",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Graal Development Kit for Micronaut versions 23.5 \u00e0 23.6",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Oracle Database Data Mining) versions 21.3 \u00e0 21.16",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Java VM) versions 21.3 \u00e0 21.16",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (GraalVM Multilingual Engine) versions 21.4 \u00e0 21.16",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (GraalVM Multilingual Engine) versions 23.5 \u00e0 23.6",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server (Oracle Database Data Mining) versions 19.3 \u00e0 19.25",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-26345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26345"
},
{
"name": "CVE-2024-21211",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21211"
},
{
"name": "CVE-2025-21553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21553"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
}
],
"initial_release_date": "2025-01-22T00:00:00",
"last_revision_date": "2025-01-22T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0052",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Database Server. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Database Server",
"vendor_advisories": [
{
"published_at": "2025-01-21",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Database Server cpujan2025",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html"
}
]
}
CERTFR-2025-AVI-0321
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Oracle PeopleSoft. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | PeopleSoft | PeopleSoft Enterprise PeopleTools version 8.60 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise CC Common Application Objects version 9.2 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise PeopleTools version 8.61 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise PeopleTools version 8.62 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise HCM Talent Acquisition Manager version 9.2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PeopleSoft Enterprise PeopleTools version 8.60",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise CC Common Application Objects version 9.2",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise PeopleTools version 8.61",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise PeopleTools version 8.62",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise HCM Talent Acquisition Manager version 9.2",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-30735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30735"
},
{
"name": "CVE-2025-30713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30713"
},
{
"name": "CVE-2025-30697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30697"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
}
],
"initial_release_date": "2025-04-16T00:00:00",
"last_revision_date": "2025-04-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0321",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle PeopleSoft. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle PeopleSoft",
"vendor_advisories": [
{
"published_at": "2025-04-15",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle PeopleSoft cpuapr2025",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
]
}
CERTFR-2024-AVI-1006
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Atlassian. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Atlassian | Jira | Jira Core Data Center versions 9.12.x antérieures à 9.12.15 LTS | ||
| Atlassian | Jira | Jira Service Management Data Center versions 5.17.x antérieures à 5.17.4 | ||
| Atlassian | Jira | Jira Core Server versions 10.1.x antérieures à 10.1.1 | ||
| Atlassian | Confluence | Confluence Server versions 8.5.x antérieures à 8.5.17 LTS | ||
| Atlassian | Jira | Jira Core Server versions 9.4.x antérieures à 9.4.28 LTS | ||
| Atlassian | Jira | Jira Core Server versions 9.17.x antérieures à 9.17.4 | ||
| Atlassian | Jira | Jira Service Management Server versions 5.17.x antérieures à 5.17.4 | ||
| Atlassian | Jira | Jira Service Management Data Center versions 10.1.x antérieures à 10.1.1 | ||
| Atlassian | Confluence | Confluence Data Center versions 8.x antérieures à 8.9.8 | ||
| Atlassian | Jira | Jira Core Data Center versions 9.17.x antérieures à 9.17.4 | ||
| Atlassian | Jira | Jira Core Server versions 9.12.x antérieures à 9.12.15 LTS | ||
| Atlassian | Jira | Jira Service Management Server versions 10.1.x antérieures à 10.1.1 | ||
| Atlassian | Confluence | Confluence Server versions 8.x antérieures à 8.9.8 | ||
| Atlassian | Jira | Jira Service Management Server versions 5.12.x antérieures à 5.12.15 LTS | ||
| Atlassian | Jira | Jira Core Data Center versions 9.4.x antérieures à 9.4.28 LTS | ||
| Atlassian | Jira | Jira Service Management Server versions 5.4.x antérieures à 5.4.28 LTS | ||
| Atlassian | Jira | Jira Core Data Center versions 10.1.x antérieures à 10.1.1 | ||
| Atlassian | Confluence | Confluence Data Center versions 8.5.x antérieures à 8.5.17 LTS | ||
| Atlassian | Confluence | Confluence Data Center versions 9.x antérieures à 9.1.1 | ||
| Atlassian | Jira | Jira Service Management Data Center versions 5.12.x antérieures à 5.12.15 LTS | ||
| Atlassian | Confluence | Confluence Data Center versions 7.19.x antérieures à 7.19.29 LTS | ||
| Atlassian | Confluence | Confluence Server versions 7.19.x antérieures à 7.19.29 LTS | ||
| Atlassian | Jira | Jira Service Management Data Center versions 5.4.x antérieures à 5.4.28 LTS |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Jira Core Data Center versions 9.12.x ant\u00e9rieures \u00e0 9.12.15 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions 5.17.x ant\u00e9rieures \u00e0 5.17.4",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Core Server versions 10.1.x ant\u00e9rieures \u00e0 10.1.1",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 8.5.x ant\u00e9rieures \u00e0 8.5.17 LTS",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Core Server versions 9.4.x ant\u00e9rieures \u00e0 9.4.28 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Core Server versions 9.17.x ant\u00e9rieures \u00e0 9.17.4",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Server versions 5.17.x ant\u00e9rieures \u00e0 5.17.4",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions 10.1.x ant\u00e9rieures \u00e0 10.1.1",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 8.x ant\u00e9rieures \u00e0 8.9.8",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Core Data Center versions 9.17.x ant\u00e9rieures \u00e0 9.17.4",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Core Server versions 9.12.x ant\u00e9rieures \u00e0 9.12.15 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Server versions 10.1.x ant\u00e9rieures \u00e0 10.1.1",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 8.x ant\u00e9rieures \u00e0 8.9.8",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Server versions 5.12.x ant\u00e9rieures \u00e0 5.12.15 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Core Data Center versions 9.4.x ant\u00e9rieures \u00e0 9.4.28 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Server versions 5.4.x ant\u00e9rieures \u00e0 5.4.28 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Core Data Center versions 10.1.x ant\u00e9rieures \u00e0 10.1.1",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 8.5.x ant\u00e9rieures \u00e0 8.5.17 LTS",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 9.x ant\u00e9rieures \u00e0 9.1.1",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions 5.12.x ant\u00e9rieures \u00e0 5.12.15 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 7.19.x ant\u00e9rieures \u00e0 7.19.29 LTS",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 7.19.x ant\u00e9rieures \u00e0 7.19.29 LTS",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions 5.4.x ant\u00e9rieures \u00e0 5.4.28 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-24549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
},
{
"name": "CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
}
],
"initial_release_date": "2024-11-20T00:00:00",
"last_revision_date": "2024-11-20T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1006",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Atlassian. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Atlassian",
"vendor_advisories": [
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-98022",
"url": "https://jira.atlassian.com/browse/CONFSERVER-98022"
},
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-98299",
"url": "https://jira.atlassian.com/browse/CONFSERVER-98299"
},
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-98481",
"url": "https://jira.atlassian.com/browse/CONFSERVER-98481"
},
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-98442",
"url": "https://jira.atlassian.com/browse/CONFSERVER-98442"
},
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-15626",
"url": "https://jira.atlassian.com/browse/JSDSERVER-15626"
},
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-15689",
"url": "https://jira.atlassian.com/browse/JSDSERVER-15689"
},
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-98484",
"url": "https://jira.atlassian.com/browse/CONFSERVER-98484"
},
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JRASERVER-78199",
"url": "https://jira.atlassian.com/browse/JRASERVER-78199"
},
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-98231",
"url": "https://jira.atlassian.com/browse/CONFSERVER-98231"
},
{
"published_at": "2024-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-98021",
"url": "https://jira.atlassian.com/browse/CONFSERVER-98021"
}
]
}
CERTFR-2024-AVI-1081
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM.Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar Suite Software | QRadar Suite Software versions antérieures à 1.11.0.0 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP10 IF02 | ||
| IBM | Cognos Dashboards | Cognos Dashboards on Cloud Pak for Data versions 4.8.x à 5.0.x antérieures à 5.1 | ||
| IBM | QRadar Incident Forensics | QRadar Incident Forensics 7.5.x antérieures à 7.5.0 UP10 IF02 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Suite Software versions ant\u00e9rieures \u00e0 1.11.0.0",
"product": {
"name": "QRadar Suite Software",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP10 IF02",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions 4.8.x \u00e0 5.0.x ant\u00e9rieures \u00e0 5.1",
"product": {
"name": "Cognos Dashboards",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Incident Forensics 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP10 IF02",
"product": {
"name": "QRadar Incident Forensics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"name": "CVE-2024-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21536"
},
{
"name": "CVE-2024-7006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2023-31582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31582"
},
{
"name": "CVE-2023-23613",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23613"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-38998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38998"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2022-41917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41917"
},
{
"name": "CVE-2024-48949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48949"
},
{
"name": "CVE-2024-41755",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41755"
},
{
"name": "CVE-2023-48161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
},
{
"name": "CVE-2024-47764",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
},
{
"name": "CVE-2024-38372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38372"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2024-38999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38999"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-38986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38986"
},
{
"name": "CVE-2022-41915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41915"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2024-52318",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52318"
},
{
"name": "CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"name": "CVE-2023-33546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33546"
},
{
"name": "CVE-2024-41818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41818"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2024-52317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52317"
},
{
"name": "CVE-2024-47175",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47175"
},
{
"name": "CVE-2022-23491",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2023-23612",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23612"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
}
],
"initial_release_date": "2024-12-13T00:00:00",
"last_revision_date": "2024-12-13T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1081",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-12-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177766",
"url": "https://www.ibm.com/support/pages/node/7177766"
},
{
"published_at": "2024-12-09",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178224",
"url": "https://www.ibm.com/support/pages/node/7178224"
},
{
"published_at": "2024-12-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178556",
"url": "https://www.ibm.com/support/pages/node/7178556"
}
]
}
CERTFR-2025-AVI-0337
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Connect:Direct Web Services versions 6.1.x antérieures à 6.1.0.28 | ||
| IBM | QRadar | QRadar Suite Software versions 1.1x.x.x antérieures à 1.11.2.x | ||
| IBM | Cloud Pak | Cloud Pak for Security versions 1.1x.x.x antérieures à 1.11.2.x | ||
| IBM | QRadar | SOAR QRadar Plugin App versions antérieures à 5.6.0 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Direct Web Services versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.28",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.1x.x.x ant\u00e9rieures \u00e0 1.11.2.x",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions 1.1x.x.x ant\u00e9rieures \u00e0 1.11.2.x",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "SOAR QRadar Plugin App versions ant\u00e9rieures \u00e0 5.6.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-6531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6531"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2020-35494",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35494"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2020-35496",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35496"
},
{
"name": "CVE-2024-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21534"
},
{
"name": "CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"name": "CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"name": "CVE-2024-45813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45813"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2023-25584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25584"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2025-1302",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1302"
},
{
"name": "CVE-2025-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-48948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2018-18700",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18700"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-1972",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1972"
},
{
"name": "CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-25588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25588"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-35495",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35495"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"name": "CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"name": "CVE-2019-12972",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12972"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2023-25585",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25585"
},
{
"name": "CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2020-35507",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35507"
},
{
"name": "CVE-2020-35493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35493"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2018-12699",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12699"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
}
],
"initial_release_date": "2025-04-18T00:00:00",
"last_revision_date": "2025-04-18T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0337",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Injection SQL (SQLi)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-04-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7230739",
"url": "https://www.ibm.com/support/pages/node/7230739"
},
{
"published_at": "2025-04-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7231169",
"url": "https://www.ibm.com/support/pages/node/7231169"
},
{
"published_at": "2025-04-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7231051",
"url": "https://www.ibm.com/support/pages/node/7231051"
}
]
}
CERTFR-2025-AVI-0215
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Gemfire Management Console versions ant\u00e9rieures \u00e0 1.3.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2024-45772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45772"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-22243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22243"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2024-22262",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22262"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-36124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36124"
},
{
"name": "CVE-2024-23672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2024-38827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38827"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-38821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38821"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2024-24549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-22259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
},
{
"name": "CVE-2024-22257",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22257"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-52317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52317"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-32473",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32473"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
}
],
"initial_release_date": "2025-03-17T00:00:00",
"last_revision_date": "2025-03-17T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0215",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-03-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu Gemfire",
"vendor_advisories": [
{
"published_at": "2025-03-14",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 25509",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25509"
}
]
}
CERTFR-2024-AVI-0279
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | N/A | Storage Scale System 3000, 3200, 3500, 5000 et 6000 versions 6.1.2.x antérieures à 6.1.2.9 | ||
| IBM | Sterling | Sterling Connect Direct pour UNIX versions 6.1.x antérieures à 6.1.0.4.iFix106 | ||
| IBM | WebSphere | WebSphere Application Server Liberty versions postérieures à 21.0.0.2 et antérieures à 24.0.0.4 | ||
| IBM | Sterling | Sterling Connect Direct pour UNIX versions 6.3.x antérieures à 6.3.0.2.iFix021 | ||
| IBM | Sterling | Sterling Connect Direct pour UNIX versions 6.0.x antérieures à 6.0.0.2.iFix164 | ||
| IBM | Tivoli | Tivoli Netcool Impact versions 7.1.0.x antérieures à 7.1.0.33 | ||
| IBM | N/A | Storage Scale System 3000, 3200, 3500, 5000 et 6000 versions 6.1.9.x antérieures à 6.1.9.2 | ||
| IBM | WebSphere | WebSphere Application Server versions 9.x antérieures à 9.0.5.19 | ||
| IBM | WebSphere | WebSphere Application Server versions postérieures à 8.5.5.2 antérieures à 8.5.5.26 | ||
| IBM | Sterling | Sterling Connect Direct pour UNIX versions 6.2.x antérieures à 6.2.0.7.iFix015 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Storage Scale System 3000, 3200, 3500, 5000 et 6000 versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect Direct pour UNIX versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.4.iFix106",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server Liberty versions post\u00e9rieures \u00e0 21.0.0.2 et ant\u00e9rieures \u00e0 24.0.0.4",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect Direct pour UNIX versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.2.iFix021",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect Direct pour UNIX versions 6.0.x ant\u00e9rieures \u00e0 6.0.0.2.iFix164",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Tivoli Netcool Impact versions 7.1.0.x ant\u00e9rieures \u00e0 7.1.0.33",
"product": {
"name": "Tivoli",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Storage Scale System 3000, 3200, 3500, 5000 et 6000 versions 6.1.9.x ant\u00e9rieures \u00e0 6.1.9.2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.x ant\u00e9rieures \u00e0 9.0.5.19",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions post\u00e9rieures \u00e0 8.5.5.2 ant\u00e9rieures \u00e0 8.5.5.26",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect Direct pour UNIX versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.7.iFix015",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2023-46158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
}
],
"initial_release_date": "2024-04-05T00:00:00",
"last_revision_date": "2024-04-05T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0279",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7145606 du 01 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7145606"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7145538 du 29 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7145538"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7145743 du 02 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7145743"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7145942 du 04 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7145942"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7145926 du 04 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7145926"
}
]
}
CERTFR-2024-AVI-0923
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Connect:Express pour UNIX versions 1.5.x antérieures à 1.5.0.17010 | ||
| IBM | QRadar | QRadar Assistant versions antérieures à 3.8.1 | ||
| IBM | Cognos Analytics | Cognos Analytics Mobile (Android) versions 1.1.x antérieures à 1.1.20 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.0.x antérieures à 6.0.3.1 GA | ||
| IBM | QRadar | SOAR QRadar Plugin App versions antérieures à 5.5.0 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.4 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.1 GA | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP4 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.2 GA | ||
| IBM | Cognos Analytics | Cognos Analytics Mobile (iOS) versions 1.1.x antérieures à 1.1.20 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.x antérieures à 6.0.3.1 GA |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Express pour UNIX versions 1.5.x ant\u00e9rieures \u00e0 1.5.0.17010",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Assistant versions ant\u00e9rieures \u00e0 3.8.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics Mobile (Android) versions 1.1.x ant\u00e9rieures \u00e0 1.1.20",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "SOAR QRadar Plugin App versions ant\u00e9rieures \u00e0 5.5.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4 ",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.1 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics Mobile (iOS) versions 1.1.x ant\u00e9rieures \u00e0 1.1.20",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-0144",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0144"
},
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2023-25166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25166"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-28856",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28856"
},
{
"name": "CVE-2021-28169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28169"
},
{
"name": "CVE-2018-12538",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12538"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21890"
},
{
"name": "CVE-2024-21896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21896"
},
{
"name": "CVE-2023-50312",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50312"
},
{
"name": "CVE-2024-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3933"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2023-38737",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38737"
},
{
"name": "CVE-2024-29415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29415"
},
{
"name": "CVE-2022-36943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36943"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38009"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"name": "CVE-2023-46809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46809"
},
{
"name": "CVE-2020-27216",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27216"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2022-29622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29622"
},
{
"name": "CVE-2021-40690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40690"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-45145",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45145"
},
{
"name": "CVE-2024-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22019"
},
{
"name": "CVE-2023-0842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0842"
},
{
"name": "CVE-2023-22467",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22467"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-22329",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22329"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21892"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2022-43383",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43383"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2018-12545",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12545"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-41784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41784"
},
{
"name": "CVE-2021-3803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3803"
},
{
"name": "CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"name": "CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2022-24834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24834"
},
{
"name": "CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2023-44483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
},
{
"name": "CVE-2024-27270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27270"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2024-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21891"
},
{
"name": "CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"name": "CVE-2024-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22017"
},
{
"name": "CVE-2022-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
},
{
"name": "CVE-2019-10241",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10241"
},
{
"name": "CVE-2022-24736",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24736"
},
{
"name": "CVE-2024-25042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25042"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2020-15168",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15168"
},
{
"name": "CVE-2023-29262",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29262"
},
{
"name": "CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"name": "CVE-2022-24735",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24735"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2024-27267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27267"
},
{
"name": "CVE-2012-2677",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2677"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2021-34428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34428"
}
],
"initial_release_date": "2024-10-25T00:00:00",
"last_revision_date": "2024-10-25T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0923",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-10-25T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-10-21",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7173631",
"url": "https://www.ibm.com/support/pages/node/7173631"
},
{
"published_at": "2024-10-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7174016",
"url": "https://www.ibm.com/support/pages/node/7174016"
},
{
"published_at": "2024-10-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7174015",
"url": "https://www.ibm.com/support/pages/node/7174015"
},
{
"published_at": "2024-10-21",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7173632",
"url": "https://www.ibm.com/support/pages/node/7173632"
},
{
"published_at": "2024-10-21",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7172691",
"url": "https://www.ibm.com/support/pages/node/7172691"
},
{
"published_at": "2024-10-21",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7172692",
"url": "https://www.ibm.com/support/pages/node/7172692"
},
{
"published_at": "2024-10-21",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7173592",
"url": "https://www.ibm.com/support/pages/node/7173592"
},
{
"published_at": "2024-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7173866",
"url": "https://www.ibm.com/support/pages/node/7173866"
}
]
}
CERTFR-2025-AVI-0512
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Security QRadar EDR | Security QRadar EDR versions antérieures à 3.12.16 | ||
| IBM | Db2 | Db2 versions antérieures à 5.2.0 pour Cloud Pak for Data | ||
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.4 FP1 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 IF4 | ||
| IBM | Db2 Warehouse | Db2 warehouse versions antérieures à 5.2.0 pour Cloud Pak for Data |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Security QRadar EDR versions ant\u00e9rieures \u00e0 3.12.16",
"product": {
"name": "Security QRadar EDR",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions ant\u00e9rieures \u00e0 5.2.0 pour Cloud Pak for Data",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4 FP1",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 IF4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 warehouse versions ant\u00e9rieures \u00e0 5.2.0 pour Cloud Pak for Data",
"product": {
"name": "Db2 Warehouse",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-0917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0917"
},
{
"name": "CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"name": "CVE-2023-29483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29483"
},
{
"name": "CVE-2021-33036",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33036"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2025-47944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47944"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-30065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30065"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2017-9047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-45178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45178"
},
{
"name": "CVE-2024-47076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47076"
},
{
"name": "CVE-2024-47177",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47177"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2022-26612",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26612"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2024-31881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31881"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"name": "CVE-2025-0923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0923"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-31880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31880"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2024-28762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28762"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"name": "CVE-2023-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2024-53197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53197"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2024-37529",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37529"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-25642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25642"
},
{
"name": "CVE-2024-53382",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53382"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2020-9492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9492"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2024-12905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12905"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2024-52046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52046"
},
{
"name": "CVE-2021-37404",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37404"
},
{
"name": "CVE-2025-47935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47935"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2023-44981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-57965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57965"
},
{
"name": "CVE-2023-29267",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29267"
},
{
"name": "CVE-2024-31882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31882"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"name": "CVE-2024-47176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47176"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2023-52922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52922"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2024-6827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6827"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2022-42969",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42969"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2024-41091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41091"
},
{
"name": "CVE-2024-35152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35152"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2025-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25032"
},
{
"name": "CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2024-47175",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47175"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2023-39663",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39663"
},
{
"name": "CVE-2024-35136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35136"
},
{
"name": "CVE-2022-25168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25168"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
}
],
"initial_release_date": "2025-06-13T00:00:00",
"last_revision_date": "2025-06-13T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0512",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7236500",
"url": "https://www.ibm.com/support/pages/node/7236500"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7234674",
"url": "https://www.ibm.com/support/pages/node/7234674"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7236354",
"url": "https://www.ibm.com/support/pages/node/7236354"
}
]
}
CERTFR-2024-AVI-0323
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Oracle Weblogic. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle WebLogic Server versions 12.2.1.4.0 et 14.1.1.0.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5072"
},
{
"name": "CVE-2021-23369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23369"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-23635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23635"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2024-21007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21007"
},
{
"name": "CVE-2024-21006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21006"
}
],
"initial_release_date": "2024-04-18T00:00:00",
"last_revision_date": "2024-04-18T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0323",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Weblogic.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Weblogic",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2024verbose du 16 avril 2024",
"url": "https://www.oracle.com/security-alerts/cpuapr2024verbose.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2024 du 16 avril 2024",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
]
}
CERTFR-2025-AVI-0661
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AppDynamics Cluster Agent versions ant\u00e9rieures \u00e0 25.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": " AppDynamics On-Premise Enterprise Console versions ant\u00e9rieures \u00e0 25.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2025-21500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2025-21503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
},
{
"name": "CVE-2025-21543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21543"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2024-47601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47601"
},
{
"name": "CVE-2025-21519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
},
{
"name": "CVE-2024-47544",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47544"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2024-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47538"
},
{
"name": "CVE-2024-47545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47545"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2022-38398",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38398"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2024-4761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4761"
},
{
"name": "CVE-2025-21501",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
},
{
"name": "CVE-2024-47596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47596"
},
{
"name": "CVE-2022-48285",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48285"
},
{
"name": "CVE-2019-9674",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9674"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2020-10650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2018-3824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3824"
},
{
"name": "CVE-2024-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
},
{
"name": "CVE-2024-47602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47602"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-47541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47541"
},
{
"name": "CVE-2024-47774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47774"
},
{
"name": "CVE-2023-50186",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50186"
},
{
"name": "CVE-2024-47599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47599"
},
{
"name": "CVE-2024-47606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47606"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2024-47540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47540"
},
{
"name": "CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"name": "CVE-2023-0833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0833"
},
{
"name": "CVE-2024-47542",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47542"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-21531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21531"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-21555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
},
{
"name": "CVE-2024-47546",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47546"
},
{
"name": "CVE-2024-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47607"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2019-14439",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2025-27888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27888"
},
{
"name": "CVE-2024-47537",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47537"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2024-52979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52979"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2023-6992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6992"
},
{
"name": "CVE-2025-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2024-47778",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47778"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"name": "CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"name": "CVE-2024-47777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47777"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2024-47543",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47543"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2024-47600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47600"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2025-21490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
},
{
"name": "CVE-2024-47835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47835"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2024-47597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47597"
},
{
"name": "CVE-2025-21520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21520"
},
{
"name": "CVE-2024-47539",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47539"
},
{
"name": "CVE-2021-23413",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23413"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-40146",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40146"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"name": "CVE-2019-10172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10172"
},
{
"name": "CVE-2025-21491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2021-42550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2024-47598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47598"
},
{
"name": "CVE-2024-47603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47603"
},
{
"name": "CVE-2022-38648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38648"
},
{
"name": "CVE-2025-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
},
{
"name": "CVE-2025-21559",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-21518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21518"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2024-47615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47615"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2025-21497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2024-47776",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47776"
},
{
"name": "CVE-2024-47834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47834"
},
{
"name": "CVE-2024-47775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47775"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
},
{
"name": "CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"name": "CVE-2025-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"name": "CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2019-20445",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20445"
}
],
"initial_release_date": "2025-08-07T00:00:00",
"last_revision_date": "2025-08-07T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0661",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2025-08-06",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0802",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0802"
},
{
"published_at": "2025-08-06",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0801",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0801"
}
]
}
CERTFR-2024-AVI-0312
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Atlassian. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Atlassian | Jira | Jira Software Data Center versions 9.12.x LTS antérieures à 9.12.7 LTS | ||
| Atlassian | Jira | Jira Service Management Server versions antérieures à 5.4.19 LTS | ||
| Atlassian | Confluence | Confluence Data Center versions 7.x LTS antérieures 7.19.20 LTS | ||
| Atlassian | Jira | Jira Service Management Data Center versions antérieures à 5.4.19 LTS | ||
| Atlassian | Confluence | Confluence Data Center versions antérieures à 8.7.1 | ||
| Atlassian | Jira | Jira Software Data Center versions antérieures à 9.15.0 | ||
| Atlassian | Jira | Jira Service Management Data Center versions antérieures à 5.12.6 | ||
| Atlassian | Confluence | Confluence Server versions antérieures à 8.5.7 LTS | ||
| Atlassian | Confluence | Confluence Server versions 7.x LTS antérieures 7.19.20 LTS | ||
| Atlassian | Confluence | Confluence Data Center versions 8.x LTS antérieures à 8.5.7 LTS | ||
| Atlassian | Jira | Jira Software Server versions 9.1.x, 9.2.x, 9.3.x et 9.4.x antérieures à 9.4.18 LTS | ||
| Atlassian | Jira | Jira Service Management Server versions antérieures à 5.12.6 | ||
| Atlassian | Jira | Jira Software Data Center versions 9.1.x, 9.2.x, 9.3.x et 9.4.x antérieures à 9.4.18 LTS | ||
| Atlassian | Jira | Jira Software Server versions antérieures à 9.12.7 LTS |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Jira Software Data Center versions 9.12.x LTS ant\u00e9rieures \u00e0 9.12.7 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Server versions ant\u00e9rieures \u00e0 5.4.19 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 7.x LTS ant\u00e9rieures 7.19.20 LTS",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions ant\u00e9rieures \u00e0 5.4.19 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions ant\u00e9rieures \u00e0 8.7.1",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Data Center versions ant\u00e9rieures \u00e0 9.15.0",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions ant\u00e9rieures \u00e0 5.12.6",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions ant\u00e9rieures \u00e0 8.5.7 LTS",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 7.x LTS ant\u00e9rieures 7.19.20 LTS",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 8.x LTS ant\u00e9rieures \u00e0 8.5.7 LTS",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Server versions 9.1.x, 9.2.x, 9.3.x et 9.4.x ant\u00e9rieures \u00e0 9.4.18 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Server versions ant\u00e9rieures \u00e0 5.12.6",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Data Center versions 9.1.x, 9.2.x, 9.3.x et 9.4.x ant\u00e9rieures \u00e0 9.4.18 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Server versions ant\u00e9rieures \u00e0 9.12.7 LTS",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
}
],
"initial_release_date": "2024-04-17T00:00:00",
"last_revision_date": "2024-04-18T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0312",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-17T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour du r\u00e9sum\u00e9",
"revision_date": "2024-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Atlassian\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Atlassian",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-15248 du 16 avril 2024",
"url": "https://jira.atlassian.com/browse/JSDSERVER-15248"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-25885 du 16 avril 2024",
"url": "https://jira.atlassian.com/browse/JSWSERVER-25885"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-25892 du 16 avril 2024",
"url": "https://jira.atlassian.com/browse/JSWSERVER-25892"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-95099 du 16 avril 2024",
"url": "https://jira.atlassian.com/browse/CONFSERVER-95099"
}
]
}
CERTFR-2024-AVI-0228
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Connect - Direct pour Microsoft Windows versions 6.3.0.x antérieures à 6.3.0.2_iFix012 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.0 sans le correctif de sécurité iFix 03 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.3 sans le correctif de sécurité iFix 11 | ||
| IBM | Sterling | Sterling Partner Engagement Manager versions 6.2.2.x antérieures à 6.2.2.2 sans le dernier correctif de sécurité | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP7 IF06 | ||
| IBM | Sterling | Sterling Connect - Direct pour Microsoft Windows versions 6.2.0.x antérieures à 6.2.0.6_iFix012 | ||
| IBM | Db2 | IBM Db2 Web Query pour i version 2.4.0 sans les correctifs de sécurité SI85982 et SI85987 | ||
| IBM | Sterling | Sterling Partner Engagement Manager versions 6.2.0.x antérieures à 6.2.0.7 sans le dernier correctif de sécurité | ||
| IBM | Sterling | Sterling Connect - Direct File Agent versions 1.4.0.x antérieures à 1.4.0.3_iFix004 | ||
| IBM | Sterling | Sterling Partner Engagement Manager versions 6.1.2.x antérieures à 6.1.2.9 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect - Direct pour Microsoft Windows versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.2_iFix012",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.0 sans le correctif de s\u00e9curit\u00e9 iFix 03",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.3 sans le correctif de s\u00e9curit\u00e9 iFix 11",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.2 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP7 IF06",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect - Direct pour Microsoft Windows versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.6_iFix012",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Web Query pour i version 2.4.0 sans les correctifs de s\u00e9curit\u00e9 SI85982 et SI85987",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.7 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect - Direct File Agent versions 1.4.0.x ant\u00e9rieures \u00e0 1.4.0.3_iFix004",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.9 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2022-45688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45688"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2023-47699",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47699"
},
{
"name": "CVE-2023-46179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46179"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-46182",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46182"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-47147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47147"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2022-41678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41678"
},
{
"name": "CVE-2023-5072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5072"
},
{
"name": "CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"name": "CVE-2023-34034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34034"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2023-44981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-39685",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39685"
},
{
"name": "CVE-2023-47162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47162"
},
{
"name": "CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"name": "CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-46604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46604"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2023-45177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45177"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2023-46181",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46181"
}
],
"initial_release_date": "2024-03-15T00:00:00",
"last_revision_date": "2024-03-15T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0228",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142007 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142007"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142038 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142038"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138527 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138527"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138509 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138509"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7140420 du 13 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7140420"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138477 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138477"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142032 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142032"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138522 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138522"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7137248 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7137248"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7137258 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7137258"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138503 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138503"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142006 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142006"
}
]
}
NCSC-2024-0299
Vulnerability from csaf_ncscnl
Published
2024-07-17 13:54
Modified
2024-07-17 13:54
Summary
Kwetsbaarheden verholpen in Oracle Analytics
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Er zijn kwetsbaarheden verholpen in Oracle Analytics.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
* Denial-of-Service (DoS)
* Toegang tot gevoelige gegevens
* Toegang tot systeemgegevens
* Manipulatie van gegevens
* (Remote) code execution (Gebruikersrechten)
Oplossingen
Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.
Kans
medium
Schade
high
CWE-20
Improper Input Validation
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-222
Truncation of Security-relevant Information
CWE-285
Improper Authorization
CWE-400
Uncontrolled Resource Consumption
CWE-404
Improper Resource Shutdown or Release
CWE-426
Untrusted Search Path
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-476
NULL Pointer Dereference
CWE-674
Uncontrolled Recursion
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-787
Out-of-bounds Write
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Er zijn kwetsbaarheden verholpen in Oracle Analytics.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* (Remote) code execution (Gebruikersrechten)",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23926"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21797"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26031"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46589"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49083"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0727"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21139"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
},
{
"category": "external",
"summary": "Reference - oracle",
"url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json"
},
{
"category": "external",
"summary": "Reference - cveprojectv5; ibm; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujul2024.html"
}
],
"title": " Kwetsbaarheden verholpen in Oracle Analytics",
"tracking": {
"current_release_date": "2024-07-17T13:54:03.545073Z",
"id": "NCSC-2024-0299",
"initial_release_date": "2024-07-17T13:54:03.545073Z",
"revision_history": [
{
"date": "2024-07-17T13:54:03.545073Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-816763",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-816761",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-816762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23926",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-23926",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-23926.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2021-23926"
},
{
"cve": "CVE-2021-37533",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-37533",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37533.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2021-37533"
},
{
"cve": "CVE-2022-0239",
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-0239",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-0239.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2022-0239"
},
{
"cve": "CVE-2022-21797",
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-21797",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-21797.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2022-21797"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-40152",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40152.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2023-1370",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-1370",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-1370"
},
{
"cve": "CVE-2023-1436",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-1436",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1436.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-1436"
},
{
"cve": "CVE-2023-26031",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26031",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-26031"
},
{
"cve": "CVE-2023-33202",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-33202",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33202.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-33202"
},
{
"cve": "CVE-2023-46589",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46589",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-49083",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-49083",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-0727",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0727",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-21139",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "other",
"text": "Improper Authorization",
"title": "CWE-285"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21139",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21139.json"
}
],
"title": "CVE-2024-21139"
},
{
"cve": "CVE-2024-25710",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25710",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2024-25710"
}
]
}
NCSC-2024-0328
Vulnerability from csaf_ncscnl
Published
2024-08-12 08:22
Modified
2024-08-12 08:22
Summary
Kwetsbaarheden verholpen in IBM InfoSphere
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
IBM heeft kwetsbaarheden verholpen in InfoSphere Information Server.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om gevoelige informatie te verkrijgen.
Oplossingen
IBM heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-209
Generation of Error Message Containing Sensitive Information
CWE-400
Uncontrolled Resource Consumption
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "IBM heeft kwetsbaarheden verholpen in InfoSphere Information Server.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om gevoelige informatie te verkrijgen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "IBM heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5; nvd",
"url": "https://www.ibm.com/support/pages/node/7160580"
},
{
"category": "external",
"summary": "Reference - certbundde",
"url": "https://www.ibm.com/support/pages/node/7160967"
}
],
"title": "Kwetsbaarheden verholpen in IBM InfoSphere",
"tracking": {
"current_release_date": "2024-08-12T08:22:38.701674Z",
"id": "NCSC-2024-0328",
"initial_release_date": "2024-08-12T08:22:38.701674Z",
"revision_history": [
{
"date": "2024-08-12T08:22:38.701674Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "infosphere_information_server",
"product": {
"name": "infosphere_information_server",
"product_id": "CSAFPID-41387",
"product_identification_helper": {
"cpe": "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "ibm"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-39751",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
}
],
"product_status": {
"known_affected": [
"CSAFPID-41387"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39751",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39751.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-41387"
]
}
],
"title": "CVE-2024-39751"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-41387"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-41387"
]
}
],
"title": "CVE-2023-52428"
}
]
}
ncsc-2025-0020
Vulnerability from csaf_ncscnl
Published
2025-01-22 13:30
Modified
2025-01-22 13:30
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse database producten en subsystemen, zoals de Core Database, Graal, Application Express, GoldenGate en REST data.
Interpretaties
De kwetsbaarheden bevinden zich in verschillende componenten van de Oracle Database, waaronder de Data Mining component en de Java VM. Deze kwetsbaarheden stellen laaggeprivilegieerde geauthenticeerde gebruikers in staat om het systeem te compromitteren, wat kan leiden tot ongeautoriseerde toegang en gegevensmanipulatie. De Java VM-kwetsbaarheid kan ook leiden tot ongeautoriseerde wijzigingen van gegevens.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-391
Unchecked Error Condition
CWE-115
Misinterpretation of Input
CWE-466
Return of Pointer Value Outside of Expected Range
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-1287
Improper Validation of Specified Type of Input
CWE-922
Insecure Storage of Sensitive Information
CWE-191
Integer Underflow (Wrap or Wraparound)
CWE-1220
Insufficient Granularity of Access Control
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-178
Improper Handling of Case Sensitivity
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-440
Expected Behavior Violation
CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE-703
Improper Check or Handling of Exceptional Conditions
CWE-617
Reachable Assertion
CWE-427
Uncontrolled Search Path Element
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE-354
Improper Validation of Integrity Check Value
CWE-190
Integer Overflow or Wraparound
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-476
NULL Pointer Dereference
CWE-757
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-674
Uncontrolled Recursion
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-611
Improper Restriction of XML External Entity Reference
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
CWE-276
Incorrect Default Permissions
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in diverse database producten en subsystemen, zoals de Core Database, Graal, Application Express, GoldenGate en REST data.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in verschillende componenten van de Oracle Database, waaronder de Data Mining component en de Java VM. Deze kwetsbaarheden stellen laaggeprivilegieerde geauthenticeerde gebruikers in staat om het systeem te compromitteren, wat kan leiden tot ongeautoriseerde toegang en gegevensmanipulatie. De Java VM-kwetsbaarheid kan ook leiden tot ongeautoriseerde wijzigingen van gegevens.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Unchecked Error Condition",
"title": "CWE-391"
},
{
"category": "general",
"text": "Misinterpretation of Input",
"title": "CWE-115"
},
{
"category": "general",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "general",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "general",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
},
{
"category": "general",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "general",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "general",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "general",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
},
{
"category": "general",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "general",
"text": "Reachable Assertion",
"title": "CWE-617"
},
{
"category": "general",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "general",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
},
{
"category": "general",
"text": "Authentication Bypass Using an Alternate Path or Channel",
"title": "CWE-288"
},
{
"category": "general",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Database producten",
"tracking": {
"current_release_date": "2025-01-22T13:30:16.354373Z",
"id": "NCSC-2025-0020",
"initial_release_date": "2025-01-22T13:30:16.354373Z",
"revision_history": [
{
"date": "2025-01-22T13:30:16.354373Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "graal_development_kit_for_micronaut",
"product": {
"name": "graal_development_kit_for_micronaut",
"product_id": "CSAFPID-1751216",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graal_development_kit_for_micronaut:23.5-23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_data_mining",
"product": {
"name": "database_-_data_mining",
"product_id": "CSAFPID-1751200",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_data_mining:19.3-19.25:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_data_mining",
"product": {
"name": "database_-_data_mining",
"product_id": "CSAFPID-1751199",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_data_mining:21.3-21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_migration_assistant_for_unicode",
"product": {
"name": "database_migration_assistant_for_unicode",
"product_id": "CSAFPID-1751212",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_migration_assistant_for_unicode:19.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_server",
"product": {
"name": "database_server",
"product_id": "CSAFPID-1503604",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_server:_java_vm___23.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_graalvm_multilingual_engine",
"product": {
"name": "database_-_graalvm_multilingual_engine",
"product_id": "CSAFPID-1751223",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_graalvm_multilingual_engine:21.4-21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_graalvm_multilingual_engine",
"product": {
"name": "database_-_graalvm_multilingual_engine",
"product_id": "CSAFPID-1751224",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_graalvm_multilingual_engine:23.5-23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1503575",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1673188",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-342816",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-816845",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1650825",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1751298",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1751299",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-485902",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503736",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503739",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751093",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751094",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:23.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751095",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751204",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:23.4-23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503738",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751203",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "rest_data_services",
"product": {
"name": "rest_data_services",
"product_id": "CSAFPID-711746",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "rest_data_services",
"product": {
"name": "rest_data_services",
"product_id": "CSAFPID-1751305",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:rest_data_services:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "rest_data_services",
"product": {
"name": "rest_data_services",
"product_id": "CSAFPID-1751304",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:rest_data_services:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-667692",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-345049",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-611417",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-1673422",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38998",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1673188",
"CSAFPID-1751204",
"CSAFPID-1751203"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1673188",
"CSAFPID-1751204",
"CSAFPID-1751203"
]
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1673188",
"CSAFPID-1751204",
"CSAFPID-1751203"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1673188",
"CSAFPID-1751204",
"CSAFPID-1751203"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-45490",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-45491",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-45772",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-45772",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45772.json"
}
],
"title": "CVE-2024-45772"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650825",
"CSAFPID-1751298",
"CSAFPID-1751299"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650825",
"CSAFPID-1751298",
"CSAFPID-1751299"
]
}
],
"title": "CVE-2024-47561"
},
{
"cve": "CVE-2024-50379",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-50379",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50379.json"
}
],
"title": "CVE-2024-50379"
},
{
"cve": "CVE-2024-52316",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"notes": [
{
"category": "other",
"text": "Unchecked Error Condition",
"title": "CWE-391"
},
{
"category": "other",
"text": "Authentication Bypass Using an Alternate Path or Channel",
"title": "CWE-288"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-52316",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52316.json"
}
],
"title": "CVE-2024-52316"
},
{
"cve": "CVE-2024-54677",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-54677",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54677.json"
}
],
"title": "CVE-2024-54677"
},
{
"cve": "CVE-2024-56337",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-56337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
}
],
"title": "CVE-2024-56337"
},
{
"cve": "CVE-2025-21553",
"references": [
{
"category": "self",
"summary": "CVE-2025-21553",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21553.json"
}
],
"title": "CVE-2025-21553"
},
{
"cve": "CVE-2025-21557",
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21557",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21557.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2025-21557"
},
{
"cve": "CVE-2022-26345",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751199",
"CSAFPID-1751200"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-26345",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-26345.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751199",
"CSAFPID-1751200"
]
}
],
"title": "CVE-2022-26345"
},
{
"cve": "CVE-2023-27043",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-27043",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-27043.json"
}
],
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2023-36730",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751203",
"CSAFPID-1751204"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36730",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36730.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751203",
"CSAFPID-1751204"
]
}
],
"title": "CVE-2023-36730"
},
{
"cve": "CVE-2023-36785",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751203",
"CSAFPID-1751204"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36785",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36785.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751203",
"CSAFPID-1751204"
]
}
],
"title": "CVE-2023-36785"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "other",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650765",
"CSAFPID-1650767",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-711746",
"CSAFPID-816845",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-1751212"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650765",
"CSAFPID-1650767",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-711746",
"CSAFPID-816845",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-1751212"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-342816",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-816845",
"CSAFPID-711746",
"CSAFPID-1751216"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-342816",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-816845",
"CSAFPID-711746",
"CSAFPID-1751216"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-2961",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2961",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2961.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
}
],
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-4030",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "other",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-4030",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4030.json"
}
],
"title": "CVE-2024-4030"
},
{
"cve": "CVE-2024-4032",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"notes": [
{
"category": "other",
"text": "Expected Behavior Violation",
"title": "CWE-440"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-4032",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4032.json"
}
],
"title": "CVE-2024-4032"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-6232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json"
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-6763",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751304",
"CSAFPID-1751305"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6763",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751304",
"CSAFPID-1751305"
]
}
],
"title": "CVE-2024-6763"
},
{
"cve": "CVE-2024-6923",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-6923",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6923.json"
}
],
"title": "CVE-2024-6923"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-7254",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-7592",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-7592",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json"
}
],
"title": "CVE-2024-7592"
},
{
"cve": "CVE-2024-8088",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-8088",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8088.json"
}
],
"title": "CVE-2024-8088"
},
{
"cve": "CVE-2024-8927",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8927",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8927.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-8927"
},
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-11053",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-21211",
"cwe": {
"id": "CWE-922",
"name": "Insecure Storage of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751223",
"CSAFPID-1751224"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21211",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21211.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751223",
"CSAFPID-1751224"
]
}
],
"title": "CVE-2024-21211"
},
{
"cve": "CVE-2024-22262",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "other",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650825",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22262",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650825",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
}
],
"title": "CVE-2024-22262"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-24789",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24789.json"
}
],
"title": "CVE-2024-24789"
},
{
"cve": "CVE-2024-24790",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Misinterpretation of Input",
"title": "CWE-115"
},
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-24790",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24790.json"
}
],
"title": "CVE-2024-24790"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-24791",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24791.json"
}
],
"title": "CVE-2024-24791"
},
{
"cve": "CVE-2024-28757",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "other",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28757",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28757.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
}
],
"title": "CVE-2024-28757"
},
{
"cve": "CVE-2024-33599",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33599",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33599.json"
}
],
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33600",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33600.json"
}
],
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "other",
"text": "Reachable Assertion",
"title": "CWE-617"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33601",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33601.json"
}
],
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "other",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33602",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json"
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650825"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650825"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650825"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650825"
]
}
],
"title": "CVE-2024-38820"
}
]
}
ncsc-2024-0414
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:17
Modified
2024-10-17 13:17
Summary
Kwetsbaarheden verholpen in Oracle Communications
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van gegevens
- Uitvoer van willekeurige code (Gebruikersrechten)
- Uitvoer van willekeurige code (Administratorrechten)
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-122
Heap-based Buffer Overflow
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
CWE-466
Return of Pointer Value Outside of Expected Range
CWE-606
Unchecked Input for Loop Condition
CWE-390
Detection of Error Condition Without Action
CWE-405
Asymmetric Resource Consumption (Amplification)
CWE-222
Truncation of Security-relevant Information
CWE-364
Signal Handler Race Condition
CWE-450
Multiple Interpretations of UI Input
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-126
Buffer Over-read
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-703
Improper Check or Handling of Exceptional Conditions
CWE-427
Uncontrolled Search Path Element
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-195
Signed to Unsigned Conversion Error
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-190
Integer Overflow or Wraparound
CWE-61
UNIX Symbolic Link (Symlink) Following
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-459
Incomplete Cleanup
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-248
Uncaught Exception
CWE-674
Uncontrolled Recursion
CWE-918
Server-Side Request Forgery (SSRF)
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van gegevens\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "general",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
},
{
"category": "general",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Missing Release of Resource after Effective Lifetime",
"title": "CWE-772"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "general",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "general",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "general",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "general",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
},
{
"category": "general",
"text": "Signed to Unsigned Conversion Error",
"title": "CWE-195"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "UNIX Symbolic Link (Symlink) Following",
"title": "CWE-61"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Incomplete Cleanup",
"title": "CWE-459"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Uncaught Exception",
"title": "CWE-248"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Communications",
"tracking": {
"current_release_date": "2024-10-17T13:17:52.103171Z",
"id": "NCSC-2024-0414",
"initial_release_date": "2024-10-17T13:17:52.103171Z",
"revision_history": [
{
"date": "2024-10-17T13:17:52.103171Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635313",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635305",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635311",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635312",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635323",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670430",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674632",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674630",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635320",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674633",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670439",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635322",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670429",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670435",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670431",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670436",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670432",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635321",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635310",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635318",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674640",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674642",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670434",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635316",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674639",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635314",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674638",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674637",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635306",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635307",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635317",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635319",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670438",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635324",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635315",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670433",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674641",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674635",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674636",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670437",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674631",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674634",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635308",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635309",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications__10.4.0.4",
"product": {
"name": "communications__10.4.0.4",
"product_id": "CSAFPID-1674629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.2",
"product": {
"name": "communications___23.4.2",
"product_id": "CSAFPID-1670442",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.3",
"product": {
"name": "communications___23.4.3",
"product_id": "CSAFPID-1635325",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.4",
"product": {
"name": "communications___23.4.4",
"product_id": "CSAFPID-1635326",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.5",
"product": {
"name": "communications___23.4.5",
"product_id": "CSAFPID-1674645",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.6",
"product": {
"name": "communications___23.4.6",
"product_id": "CSAFPID-1674646",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___24.2.0",
"product": {
"name": "communications___24.2.0",
"product_id": "CSAFPID-1674644",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___7.2.1.0.0",
"product": {
"name": "communications___7.2.1.0.0",
"product_id": "CSAFPID-1670441",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___8.6.0.6",
"product": {
"name": "communications___8.6.0.6",
"product_id": "CSAFPID-1635327",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___8.6.0.8",
"product": {
"name": "communications___8.6.0.8",
"product_id": "CSAFPID-1635328",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___9.0.2",
"product": {
"name": "communications___9.0.2",
"product_id": "CSAFPID-1670440",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___9.0.3",
"product": {
"name": "communications___9.0.3",
"product_id": "CSAFPID-1635329",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___9.1.1.8.0",
"product": {
"name": "communications___9.1.1.8.0",
"product_id": "CSAFPID-1674643",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674621",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674618",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674619",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674622",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674617",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674623",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674620",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___12.0.6.0.0",
"product": {
"name": "communications_applications___12.0.6.0.0",
"product_id": "CSAFPID-1674627",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___5.5.22",
"product": {
"name": "communications_applications___5.5.22",
"product_id": "CSAFPID-1674626",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___6.0.3",
"product": {
"name": "communications_applications___6.0.3",
"product_id": "CSAFPID-1674628",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___6.0.4",
"product": {
"name": "communications_applications___6.0.4",
"product_id": "CSAFPID-1674624",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___6.0.5",
"product": {
"name": "communications_applications___6.0.5",
"product_id": "CSAFPID-1674625",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_asap",
"product": {
"name": "communications_asap",
"product_id": "CSAFPID-204629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_asap",
"product": {
"name": "communications_asap",
"product_id": "CSAFPID-1673475",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_asap:7.4.3.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_asap",
"product": {
"name": "communications_asap",
"product_id": "CSAFPID-816792",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-764735",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-1650734",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-204639",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-204627",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-816793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-912557",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management__-_elastic_charging_engine",
"product": {
"name": "communications_billing_and_revenue_management__-_elastic_charging_engine",
"product_id": "CSAFPID-219835",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management__-_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-764247",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-209548",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-209549",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-41194",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-1650820",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-765241",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-209546",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-209550",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-498607",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12:0.0.5.0:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-912556",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_calendar_server",
"product": {
"name": "communications_calendar_server",
"product_id": "CSAFPID-764736",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_calendar_server:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_calendar_server",
"product": {
"name": "communications_calendar_server",
"product_id": "CSAFPID-220190",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_configuration_console",
"product": {
"name": "communications_cloud_native_configuration_console",
"product_id": "CSAFPID-391501",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_configuration_console",
"product": {
"name": "communications_cloud_native_configuration_console",
"product_id": "CSAFPID-440102",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-89545",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-180215",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-180197",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-220548",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-41516",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-41515",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-220057",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-220055",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-220909",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-816765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-816766",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-816767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1503577",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1673416",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1673516",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1673412",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1673411",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-764237",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-2045",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-40612",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-608629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-93784",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1899",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-41111",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1685",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-493445",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-294401",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-220547",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-764824",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-220459",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-45184",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-45182",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-45181",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-611405",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-611403",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-611404",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1650752",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1673396",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-912066",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1503323",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1673526",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1673391",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1673394",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-165550",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-93546",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-180195",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-40299",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-187447",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-45186",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-45185",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-220559",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-220558",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-764238",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-764239",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-816768",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-816769",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-912085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1503578",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1673389",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1673390",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_dbtier",
"product": {
"name": "communications_cloud_native_core_dbtier",
"product_id": "CSAFPID-1673421",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_dbtier",
"product": {
"name": "communications_cloud_native_core_dbtier",
"product_id": "CSAFPID-1673420",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-764825",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:22.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-816770",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-816771",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-912068",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-1503579",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-180201",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-1900",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-760687",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-40947",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-93635",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-503534",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-90018",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-220327",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-94290",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-220325",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-614513",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-643776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-816772",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-912076",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-1503580",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-40613",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-2044",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-40301",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-180194",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-449747",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-40298",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-223527",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-449746",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-503493",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-260394",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-219838",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-611387",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-618156",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-816773",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912101",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-1673473",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0-24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-1503581",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912539",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912540",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912541",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912542",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912543",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-40611",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-40609",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-180198",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-41112",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-41110",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-760688",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-493444",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-93633",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-220056",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-223511",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-216017",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-220889",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-614516",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-816774",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-220918",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-614515",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-614514",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-816346",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-912077",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1503322",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1673413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1673415",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-816775",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-912544",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-40608",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-180199",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-41113",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-260395",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-260393",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816348",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-912545",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816347",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-1673494",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-1673501",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816777",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-764240",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-220468",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-2310",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-93547",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-180200",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-180193",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1898",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-93636",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-90020",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-90015",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-220133",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1650751",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1673517",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1673395",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-912069",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-765371",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:all_supported_s:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-180216",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-180202",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-40300",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-93653",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-40949",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-642000",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-93634",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-220561",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-90021",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-94292",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-218028",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-220881",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-94291",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-220910",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-220324",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-611401",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-816778",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-614517",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-912547",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1673392",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1503582",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1673393",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-912546",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-40610",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-611587",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-642002",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-493443",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-642001",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-224796",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-224795",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-912548",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-912102",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-912549",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1503583",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1503584",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1503585",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1672767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-180217",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-180196",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-165576",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-40297",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-764899",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-589926",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-179780",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-40948",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-589925",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-179779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-764826",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-90019",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-90016",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-220326",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-764241",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-912078",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-816349",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-912550",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1503586",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1503587",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1673399",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-816779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_contacts_server",
"product": {
"name": "communications_contacts_server",
"product_id": "CSAFPID-764737",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_contacts_server:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_contacts_server",
"product": {
"name": "communications_contacts_server",
"product_id": "CSAFPID-224787",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_contacts_server",
"product": {
"name": "communications_contacts_server",
"product_id": "CSAFPID-220189",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server",
"product": {
"name": "communications_converged_application_server",
"product_id": "CSAFPID-764827",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server:7.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server",
"product": {
"name": "communications_converged_application_server",
"product_id": "CSAFPID-764828",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server_-_service_controller",
"product": {
"name": "communications_converged_application_server_-_service_controller",
"product_id": "CSAFPID-764734",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server_-_service_controller",
"product": {
"name": "communications_converged_application_server_-_service_controller",
"product_id": "CSAFPID-426842",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_charging_system",
"product": {
"name": "communications_converged_charging_system",
"product_id": "CSAFPID-1503599",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_charging_system",
"product": {
"name": "communications_converged_charging_system",
"product_id": "CSAFPID-1503600",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-345031",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-204635",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-764833",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-224793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-816794",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-342793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-1650777",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-1265",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-764248",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-816350",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-1261",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-110244",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-110242",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-93777",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.45:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-1672764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-93772",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_data_model",
"product": {
"name": "communications_data_model",
"product_id": "CSAFPID-764902",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_data_model:12.2.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-765372",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-342799",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-704412",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-704411",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-165544",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-704410",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-41183",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_intelligence_hub",
"product": {
"name": "communications_diameter_intelligence_hub",
"product_id": "CSAFPID-342802",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_intelligence_hub",
"product": {
"name": "communications_diameter_intelligence_hub",
"product_id": "CSAFPID-764829",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:8.2.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1503588",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1892",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1891",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1888",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1887",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1889",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1884",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1885",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1882",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1881",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1883",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1879",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1880",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-40293",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1650826",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1650830",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-611413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-912551",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-912552",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_application_processor",
"product": {
"name": "communications_eagle_application_processor",
"product_id": "CSAFPID-1673417",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_application_processor:17.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_application_processor",
"product": {
"name": "communications_eagle_application_processor",
"product_id": "CSAFPID-765369",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_application_processor:all_supported_s:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_element_management_system",
"product": {
"name": "communications_eagle_element_management_system",
"product_id": "CSAFPID-1503316",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_element_management_system",
"product": {
"name": "communications_eagle_element_management_system",
"product_id": "CSAFPID-1503317",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_element_management_system",
"product": {
"name": "communications_eagle_element_management_system",
"product_id": "CSAFPID-204528",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_ftp_table_base_retrieval",
"product": {
"name": "communications_eagle_ftp_table_base_retrieval",
"product_id": "CSAFPID-204623",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_lnp_application_processor",
"product": {
"name": "communications_eagle_lnp_application_processor",
"product_id": "CSAFPID-352633",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_lnp_application_processor",
"product": {
"name": "communications_eagle_lnp_application_processor",
"product_id": "CSAFPID-352632",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_software",
"product": {
"name": "communications_eagle_software",
"product_id": "CSAFPID-765366",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_software:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_software",
"product": {
"name": "communications_eagle_software",
"product_id": "CSAFPID-765365",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_software:46.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_elastic_charging_engine",
"product": {
"name": "communications_elastic_charging_engine",
"product_id": "CSAFPID-764834",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_elastic_charging_engine:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-764242",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204597",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204580",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-9226",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204589",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-9070",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-8845",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204624",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-2286",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204464",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-345038",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-93629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-611422",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-93630",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-816780",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_evolved_communications_application_server",
"product": {
"name": "communications_evolved_communications_application_server",
"product_id": "CSAFPID-204645",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_fraud_monitor",
"product": {
"name": "communications_fraud_monitor",
"product_id": "CSAFPID-816781",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_fraud_monitor",
"product": {
"name": "communications_fraud_monitor",
"product_id": "CSAFPID-816782",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_fraud_monitor",
"product": {
"name": "communications_fraud_monitor",
"product_id": "CSAFPID-912553",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_instant_messaging_server",
"product": {
"name": "communications_instant_messaging_server",
"product_id": "CSAFPID-207586",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_instant_messaging_server",
"product": {
"name": "communications_instant_messaging_server",
"product_id": "CSAFPID-234306",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_instant_messaging_server",
"product": {
"name": "communications_instant_messaging_server",
"product_id": "CSAFPID-219803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_instant_messaging_server",
"product": {
"name": "communications_instant_messaging_server",
"product_id": "CSAFPID-387664",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_interactive_session_recorder",
"product": {
"name": "communications_interactive_session_recorder",
"product_id": "CSAFPID-1893",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_ip_service_activator",
"product": {
"name": "communications_ip_service_activator",
"product_id": "CSAFPID-204622",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_ip_service_activator",
"product": {
"name": "communications_ip_service_activator",
"product_id": "CSAFPID-219909",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_lsms",
"product": {
"name": "communications_lsms",
"product_id": "CSAFPID-1673065",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_lsms:14.0.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-764835",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.20.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-375182",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.21.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-816351",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-41182",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_metasolv_solution",
"product": {
"name": "communications_metasolv_solution",
"product_id": "CSAFPID-611595",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_metasolv_solution",
"product": {
"name": "communications_metasolv_solution",
"product_id": "CSAFPID-226017",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-220167",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816353",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-764243",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816352",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-1503589",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-1503590",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-1673414",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816783",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816786",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816784",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816787",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816785",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816788",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-342803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-1650778",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-1266",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-764249",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-816354",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-204563",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_integrity",
"product": {
"name": "communications_network_integrity",
"product_id": "CSAFPID-220125",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_integrity",
"product": {
"name": "communications_network_integrity",
"product_id": "CSAFPID-245244",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_integrity",
"product": {
"name": "communications_network_integrity",
"product_id": "CSAFPID-219776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_integrity",
"product": {
"name": "communications_network_integrity",
"product_id": "CSAFPID-204554",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_offline_mediation_controller",
"product": {
"name": "communications_offline_mediation_controller",
"product_id": "CSAFPID-765242",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-9489",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-110249",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-93781",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-220132",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-912079",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-224791",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-219898",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-224790",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-221118",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-179774",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-1673496",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence",
"product": {
"name": "communications_performance_intelligence",
"product_id": "CSAFPID-1503591",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence_center",
"product": {
"name": "communications_performance_intelligence_center",
"product_id": "CSAFPID-1673485",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center:prior_to_10.4.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence_center__pic__software",
"product": {
"name": "communications_performance_intelligence_center__pic__software",
"product_id": "CSAFPID-765367",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence_center__pic__software",
"product": {
"name": "communications_performance_intelligence_center__pic__software",
"product_id": "CSAFPID-765368",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence_center__pic__software",
"product": {
"name": "communications_performance_intelligence_center__pic__software",
"product_id": "CSAFPID-764830",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-573035",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-45192",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-611406",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-816789",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-816790",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-764738",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-204595",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-204590",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-816355",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-1503601",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816359",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816358",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816357",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-912558",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-1503602",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816795",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816796",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816797",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_services_gatekeeper",
"product": {
"name": "communications_services_gatekeeper",
"product_id": "CSAFPID-608630",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503592",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503593",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-40294",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-40292",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1672762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-40291",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503594",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503595",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-342804",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-704413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2296",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-166028",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2294",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2292",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2290",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2288",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2282",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2285",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2279",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-204634",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-345039",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-93628",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-611423",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-93631",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-816791",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-342805",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-704414",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-166027",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2295",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2293",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2289",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2291",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2287",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2283",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2284",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2280",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2281",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-220414",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-204607",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_router",
"product": {
"name": "communications_session_router",
"product_id": "CSAFPID-764780",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_router:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_router",
"product": {
"name": "communications_session_router",
"product_id": "CSAFPID-764781",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_router:9.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_subscriber-aware_load_balancer",
"product": {
"name": "communications_subscriber-aware_load_balancer",
"product_id": "CSAFPID-93775",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_subscriber-aware_load_balancer",
"product": {
"name": "communications_subscriber-aware_load_balancer",
"product_id": "CSAFPID-93774",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-240600",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673382",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-78764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-78763",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.10:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673070",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673381",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1650731",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673530",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-764901",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-78762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-78761",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-614089",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673068",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-764739",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-204614",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-8984",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-204510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-204569",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-219826",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-912073",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_session_manager",
"product": {
"name": "communications_unified_session_manager",
"product_id": "CSAFPID-110243",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_session_manager",
"product": {
"name": "communications_unified_session_manager",
"product_id": "CSAFPID-205759",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1503596",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1503597",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1503598",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-764900",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-76994",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-568240",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-764782",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-355340",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-912080",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1673481",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-912554",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-611408",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-703515",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-611407",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-204456",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37137",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-41182",
"CSAFPID-209546",
"CSAFPID-40608",
"CSAFPID-180216",
"CSAFPID-93547",
"CSAFPID-180217",
"CSAFPID-2310",
"CSAFPID-40612",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45182",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-216017",
"CSAFPID-764240",
"CSAFPID-90021",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-94291",
"CSAFPID-493443",
"CSAFPID-224796",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-40293",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-93781",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-342793",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-342803",
"CSAFPID-204563",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-1899",
"CSAFPID-41111",
"CSAFPID-40299",
"CSAFPID-187447",
"CSAFPID-1900",
"CSAFPID-40301",
"CSAFPID-180194",
"CSAFPID-40298",
"CSAFPID-41112",
"CSAFPID-41110",
"CSAFPID-41113",
"CSAFPID-180193",
"CSAFPID-1898",
"CSAFPID-40300",
"CSAFPID-611587",
"CSAFPID-40297",
"CSAFPID-110244",
"CSAFPID-110242",
"CSAFPID-9489",
"CSAFPID-110249",
"CSAFPID-40294",
"CSAFPID-110243",
"CSAFPID-204629",
"CSAFPID-765241",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-41183",
"CSAFPID-207586",
"CSAFPID-765242",
"CSAFPID-205759",
"CSAFPID-1893",
"CSAFPID-765365",
"CSAFPID-765366",
"CSAFPID-342804",
"CSAFPID-342805",
"CSAFPID-204456",
"CSAFPID-1882",
"CSAFPID-573035",
"CSAFPID-204645",
"CSAFPID-765367",
"CSAFPID-765368",
"CSAFPID-764242",
"CSAFPID-76994",
"CSAFPID-204623",
"CSAFPID-352633",
"CSAFPID-352632",
"CSAFPID-765369",
"CSAFPID-204528",
"CSAFPID-342802",
"CSAFPID-40610",
"CSAFPID-40611",
"CSAFPID-40609",
"CSAFPID-180198",
"CSAFPID-180196",
"CSAFPID-180201",
"CSAFPID-180202",
"CSAFPID-40613",
"CSAFPID-180199",
"CSAFPID-93546",
"CSAFPID-180195",
"CSAFPID-180200",
"CSAFPID-765371",
"CSAFPID-89545",
"CSAFPID-180215",
"CSAFPID-180197",
"CSAFPID-204639",
"CSAFPID-204627",
"CSAFPID-226017",
"CSAFPID-219898",
"CSAFPID-179774",
"CSAFPID-342799",
"CSAFPID-765372",
"CSAFPID-220125",
"CSAFPID-245244",
"CSAFPID-204554",
"CSAFPID-764739",
"CSAFPID-204614",
"CSAFPID-345031",
"CSAFPID-204635",
"CSAFPID-204595",
"CSAFPID-204590",
"CSAFPID-224787",
"CSAFPID-1673381",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-37137",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37137.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-41182",
"CSAFPID-209546",
"CSAFPID-40608",
"CSAFPID-180216",
"CSAFPID-93547",
"CSAFPID-180217",
"CSAFPID-2310",
"CSAFPID-40612",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45182",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-216017",
"CSAFPID-764240",
"CSAFPID-90021",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-94291",
"CSAFPID-493443",
"CSAFPID-224796",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-40293",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-93781",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-342793",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-342803",
"CSAFPID-204563",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-1899",
"CSAFPID-41111",
"CSAFPID-40299",
"CSAFPID-187447",
"CSAFPID-1900",
"CSAFPID-40301",
"CSAFPID-180194",
"CSAFPID-40298",
"CSAFPID-41112",
"CSAFPID-41110",
"CSAFPID-41113",
"CSAFPID-180193",
"CSAFPID-1898",
"CSAFPID-40300",
"CSAFPID-611587",
"CSAFPID-40297",
"CSAFPID-110244",
"CSAFPID-110242",
"CSAFPID-9489",
"CSAFPID-110249",
"CSAFPID-40294",
"CSAFPID-110243",
"CSAFPID-204629",
"CSAFPID-765241",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-41183",
"CSAFPID-207586",
"CSAFPID-765242",
"CSAFPID-205759",
"CSAFPID-1893",
"CSAFPID-765365",
"CSAFPID-765366",
"CSAFPID-342804",
"CSAFPID-342805",
"CSAFPID-204456",
"CSAFPID-1882",
"CSAFPID-573035",
"CSAFPID-204645",
"CSAFPID-765367",
"CSAFPID-765368",
"CSAFPID-764242",
"CSAFPID-76994",
"CSAFPID-204623",
"CSAFPID-352633",
"CSAFPID-352632",
"CSAFPID-765369",
"CSAFPID-204528",
"CSAFPID-342802",
"CSAFPID-40610",
"CSAFPID-40611",
"CSAFPID-40609",
"CSAFPID-180198",
"CSAFPID-180196",
"CSAFPID-180201",
"CSAFPID-180202",
"CSAFPID-40613",
"CSAFPID-180199",
"CSAFPID-93546",
"CSAFPID-180195",
"CSAFPID-180200",
"CSAFPID-765371",
"CSAFPID-89545",
"CSAFPID-180215",
"CSAFPID-180197",
"CSAFPID-204639",
"CSAFPID-204627",
"CSAFPID-226017",
"CSAFPID-219898",
"CSAFPID-179774",
"CSAFPID-342799",
"CSAFPID-765372",
"CSAFPID-220125",
"CSAFPID-245244",
"CSAFPID-204554",
"CSAFPID-764739",
"CSAFPID-204614",
"CSAFPID-345031",
"CSAFPID-204635",
"CSAFPID-204595",
"CSAFPID-204590",
"CSAFPID-224787",
"CSAFPID-1673381",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
}
],
"title": "CVE-2021-37137"
},
{
"cve": "CVE-2022-2068",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40949",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45182",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-216017",
"CSAFPID-764240",
"CSAFPID-90021",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-94291",
"CSAFPID-493443",
"CSAFPID-224796",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-40293",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-93781",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-342793",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-342803",
"CSAFPID-204563",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-40294",
"CSAFPID-93631",
"CSAFPID-764900",
"CSAFPID-568240",
"CSAFPID-355340",
"CSAFPID-703515",
"CSAFPID-204456",
"CSAFPID-764735",
"CSAFPID-204635",
"CSAFPID-41183",
"CSAFPID-234306",
"CSAFPID-41182",
"CSAFPID-226017",
"CSAFPID-219898",
"CSAFPID-179774",
"CSAFPID-764738",
"CSAFPID-764901",
"CSAFPID-764902",
"CSAFPID-220547",
"CSAFPID-187447",
"CSAFPID-760687",
"CSAFPID-40947",
"CSAFPID-2044",
"CSAFPID-449747",
"CSAFPID-40301",
"CSAFPID-449746",
"CSAFPID-40298",
"CSAFPID-223527",
"CSAFPID-760688",
"CSAFPID-93636",
"CSAFPID-40300",
"CSAFPID-93653",
"CSAFPID-642000",
"CSAFPID-642002",
"CSAFPID-642001",
"CSAFPID-165576",
"CSAFPID-764899",
"CSAFPID-40948",
"CSAFPID-426842",
"CSAFPID-93630",
"CSAFPID-204645",
"CSAFPID-1893",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-2068",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2068.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-40949",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45182",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-216017",
"CSAFPID-764240",
"CSAFPID-90021",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-94291",
"CSAFPID-493443",
"CSAFPID-224796",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-40293",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-93781",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-342793",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-342803",
"CSAFPID-204563",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-40294",
"CSAFPID-93631",
"CSAFPID-764900",
"CSAFPID-568240",
"CSAFPID-355340",
"CSAFPID-703515",
"CSAFPID-204456",
"CSAFPID-764735",
"CSAFPID-204635",
"CSAFPID-41183",
"CSAFPID-234306",
"CSAFPID-41182",
"CSAFPID-226017",
"CSAFPID-219898",
"CSAFPID-179774",
"CSAFPID-764738",
"CSAFPID-764901",
"CSAFPID-764902",
"CSAFPID-220547",
"CSAFPID-187447",
"CSAFPID-760687",
"CSAFPID-40947",
"CSAFPID-2044",
"CSAFPID-449747",
"CSAFPID-40301",
"CSAFPID-449746",
"CSAFPID-40298",
"CSAFPID-223527",
"CSAFPID-760688",
"CSAFPID-93636",
"CSAFPID-40300",
"CSAFPID-93653",
"CSAFPID-642000",
"CSAFPID-642002",
"CSAFPID-642001",
"CSAFPID-165576",
"CSAFPID-764899",
"CSAFPID-40948",
"CSAFPID-426842",
"CSAFPID-93630",
"CSAFPID-204645",
"CSAFPID-1893",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2022-2068"
},
{
"cve": "CVE-2022-2601",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-2601",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2601.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2022-2601"
},
{
"cve": "CVE-2022-23437",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-204629",
"CSAFPID-704410",
"CSAFPID-704411",
"CSAFPID-704412",
"CSAFPID-226017",
"CSAFPID-179774",
"CSAFPID-219898",
"CSAFPID-219826",
"CSAFPID-204569",
"CSAFPID-204510",
"CSAFPID-220057",
"CSAFPID-220055",
"CSAFPID-220909",
"CSAFPID-45184",
"CSAFPID-45182",
"CSAFPID-220559",
"CSAFPID-220558",
"CSAFPID-220327",
"CSAFPID-220325",
"CSAFPID-219838",
"CSAFPID-220056",
"CSAFPID-223511",
"CSAFPID-216017",
"CSAFPID-220889",
"CSAFPID-220918",
"CSAFPID-90020",
"CSAFPID-90015",
"CSAFPID-220133",
"CSAFPID-220561",
"CSAFPID-90021",
"CSAFPID-220881",
"CSAFPID-94291",
"CSAFPID-220910",
"CSAFPID-220324",
"CSAFPID-224796",
"CSAFPID-224795",
"CSAFPID-220326",
"CSAFPID-764734",
"CSAFPID-40293",
"CSAFPID-220167",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764736",
"CSAFPID-764737",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-219803",
"CSAFPID-375182",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-219776",
"CSAFPID-224791",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-764738",
"CSAFPID-240600",
"CSAFPID-764739",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-764240",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-493443",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-204563",
"CSAFPID-8984",
"CSAFPID-220548",
"CSAFPID-608629",
"CSAFPID-93784",
"CSAFPID-41111",
"CSAFPID-1685",
"CSAFPID-493445",
"CSAFPID-294401",
"CSAFPID-220547",
"CSAFPID-764824",
"CSAFPID-220459",
"CSAFPID-764825",
"CSAFPID-93635",
"CSAFPID-503534",
"CSAFPID-503493",
"CSAFPID-493444",
"CSAFPID-93633",
"CSAFPID-260395",
"CSAFPID-260393",
"CSAFPID-220468",
"CSAFPID-93636",
"CSAFPID-93634",
"CSAFPID-589926",
"CSAFPID-179780",
"CSAFPID-589925",
"CSAFPID-179779",
"CSAFPID-764826",
"CSAFPID-764827",
"CSAFPID-764828",
"CSAFPID-764829",
"CSAFPID-764830",
"CSAFPID-220190",
"CSAFPID-220189",
"CSAFPID-764833",
"CSAFPID-41183",
"CSAFPID-764834",
"CSAFPID-234306",
"CSAFPID-764835",
"CSAFPID-187447",
"CSAFPID-760687",
"CSAFPID-40947",
"CSAFPID-2044",
"CSAFPID-449747",
"CSAFPID-40301",
"CSAFPID-449746",
"CSAFPID-40298",
"CSAFPID-223527",
"CSAFPID-760688",
"CSAFPID-40300",
"CSAFPID-93653",
"CSAFPID-40949",
"CSAFPID-642000",
"CSAFPID-642002",
"CSAFPID-642001",
"CSAFPID-165576",
"CSAFPID-764899",
"CSAFPID-40948",
"CSAFPID-426842",
"CSAFPID-93630",
"CSAFPID-204645",
"CSAFPID-1893",
"CSAFPID-40294",
"CSAFPID-93631",
"CSAFPID-764900",
"CSAFPID-568240",
"CSAFPID-355340",
"CSAFPID-703515",
"CSAFPID-204456",
"CSAFPID-204635",
"CSAFPID-41182",
"CSAFPID-764901",
"CSAFPID-764902",
"CSAFPID-1899",
"CSAFPID-40299",
"CSAFPID-1900",
"CSAFPID-180194",
"CSAFPID-41112",
"CSAFPID-41110",
"CSAFPID-41113",
"CSAFPID-180193",
"CSAFPID-1898",
"CSAFPID-611587",
"CSAFPID-40297",
"CSAFPID-110244",
"CSAFPID-110242",
"CSAFPID-9489",
"CSAFPID-110249",
"CSAFPID-110243",
"CSAFPID-765241",
"CSAFPID-209546",
"CSAFPID-207586",
"CSAFPID-765242",
"CSAFPID-205759",
"CSAFPID-765365",
"CSAFPID-765366",
"CSAFPID-342804",
"CSAFPID-342805",
"CSAFPID-1882",
"CSAFPID-573035",
"CSAFPID-765367",
"CSAFPID-765368",
"CSAFPID-764242",
"CSAFPID-76994",
"CSAFPID-204623",
"CSAFPID-352633",
"CSAFPID-352632",
"CSAFPID-765369",
"CSAFPID-204528",
"CSAFPID-342802",
"CSAFPID-40610",
"CSAFPID-40611",
"CSAFPID-40609",
"CSAFPID-180198",
"CSAFPID-180217",
"CSAFPID-180196",
"CSAFPID-40612",
"CSAFPID-180201",
"CSAFPID-180216",
"CSAFPID-180202",
"CSAFPID-40613",
"CSAFPID-40608",
"CSAFPID-180199",
"CSAFPID-93546",
"CSAFPID-180195",
"CSAFPID-2310",
"CSAFPID-93547",
"CSAFPID-180200",
"CSAFPID-765371",
"CSAFPID-89545",
"CSAFPID-180215",
"CSAFPID-180197",
"CSAFPID-204639",
"CSAFPID-204627",
"CSAFPID-342799",
"CSAFPID-765372",
"CSAFPID-220125",
"CSAFPID-245244",
"CSAFPID-204554",
"CSAFPID-204614",
"CSAFPID-345031",
"CSAFPID-204595",
"CSAFPID-204590",
"CSAFPID-224787",
"CSAFPID-1673065",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-23437",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-23437.json"
}
],
"title": "CVE-2022-23437"
},
{
"cve": "CVE-2022-36760",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220057",
"CSAFPID-220055",
"CSAFPID-220909",
"CSAFPID-45184",
"CSAFPID-45182",
"CSAFPID-220559",
"CSAFPID-220558",
"CSAFPID-220327",
"CSAFPID-220325",
"CSAFPID-219838",
"CSAFPID-220056",
"CSAFPID-223511",
"CSAFPID-216017",
"CSAFPID-220889",
"CSAFPID-220918",
"CSAFPID-90020",
"CSAFPID-90015",
"CSAFPID-220133",
"CSAFPID-220561",
"CSAFPID-90021",
"CSAFPID-220881",
"CSAFPID-94291",
"CSAFPID-220910",
"CSAFPID-220324",
"CSAFPID-224796",
"CSAFPID-224795",
"CSAFPID-220326",
"CSAFPID-764734",
"CSAFPID-40293",
"CSAFPID-220167",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764736",
"CSAFPID-764737",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-704412",
"CSAFPID-704411",
"CSAFPID-704410",
"CSAFPID-219803",
"CSAFPID-375182",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-219776",
"CSAFPID-224791",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-764738",
"CSAFPID-240600",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-764240",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-493443",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-204563",
"CSAFPID-8984",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36760",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220057",
"CSAFPID-220055",
"CSAFPID-220909",
"CSAFPID-45184",
"CSAFPID-45182",
"CSAFPID-220559",
"CSAFPID-220558",
"CSAFPID-220327",
"CSAFPID-220325",
"CSAFPID-219838",
"CSAFPID-220056",
"CSAFPID-223511",
"CSAFPID-216017",
"CSAFPID-220889",
"CSAFPID-220918",
"CSAFPID-90020",
"CSAFPID-90015",
"CSAFPID-220133",
"CSAFPID-220561",
"CSAFPID-90021",
"CSAFPID-220881",
"CSAFPID-94291",
"CSAFPID-220910",
"CSAFPID-220324",
"CSAFPID-224796",
"CSAFPID-224795",
"CSAFPID-220326",
"CSAFPID-764734",
"CSAFPID-40293",
"CSAFPID-220167",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764736",
"CSAFPID-764737",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-704412",
"CSAFPID-704411",
"CSAFPID-704410",
"CSAFPID-219803",
"CSAFPID-375182",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-219776",
"CSAFPID-224791",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-764738",
"CSAFPID-240600",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-764240",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-493443",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-204563",
"CSAFPID-8984",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2022-36760"
},
{
"cve": "CVE-2023-2953",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673391",
"CSAFPID-1673392",
"CSAFPID-1673393",
"CSAFPID-1673394",
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-2953",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2953.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673391",
"CSAFPID-1673392",
"CSAFPID-1673393",
"CSAFPID-1673394",
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2023-2953"
},
{
"cve": "CVE-2023-3635",
"cwe": {
"id": "CWE-195",
"name": "Signed to Unsigned Conversion Error"
},
"notes": [
{
"category": "other",
"text": "Signed to Unsigned Conversion Error",
"title": "CWE-195"
},
{
"category": "other",
"text": "Uncaught Exception",
"title": "CWE-248"
}
],
"product_status": {
"known_affected": [
"CSAFPID-94291",
"CSAFPID-40293",
"CSAFPID-204622",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-1673399",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-219909",
"CSAFPID-220558",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-240600",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611401",
"CSAFPID-611406",
"CSAFPID-611407",
"CSAFPID-611408",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-614513",
"CSAFPID-614514",
"CSAFPID-614515",
"CSAFPID-614516",
"CSAFPID-614517",
"CSAFPID-618156",
"CSAFPID-643776",
"CSAFPID-764237",
"CSAFPID-764238",
"CSAFPID-764239",
"CSAFPID-764240",
"CSAFPID-764241",
"CSAFPID-764242",
"CSAFPID-764243",
"CSAFPID-764247",
"CSAFPID-764248",
"CSAFPID-764249",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-912073",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-912102",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-3635",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3635.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-94291",
"CSAFPID-40293",
"CSAFPID-204622",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-1673399",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-219909",
"CSAFPID-220558",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-240600",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611401",
"CSAFPID-611406",
"CSAFPID-611407",
"CSAFPID-611408",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-614513",
"CSAFPID-614514",
"CSAFPID-614515",
"CSAFPID-614516",
"CSAFPID-614517",
"CSAFPID-618156",
"CSAFPID-643776",
"CSAFPID-764237",
"CSAFPID-764238",
"CSAFPID-764239",
"CSAFPID-764240",
"CSAFPID-764241",
"CSAFPID-764242",
"CSAFPID-764243",
"CSAFPID-764247",
"CSAFPID-764248",
"CSAFPID-764249",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-912073",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-912102",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242"
]
}
],
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-4043",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-219838",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816346",
"CSAFPID-816776",
"CSAFPID-816348",
"CSAFPID-816777",
"CSAFPID-816347",
"CSAFPID-94291",
"CSAFPID-816778",
"CSAFPID-614517",
"CSAFPID-816779",
"CSAFPID-816349",
"CSAFPID-40293",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816353",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816352",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-342804",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-224793",
"CSAFPID-816794",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-219803",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-240600",
"CSAFPID-342803",
"CSAFPID-611595",
"CSAFPID-764738",
"CSAFPID-816351",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-219826",
"CSAFPID-764739",
"CSAFPID-912073",
"CSAFPID-912558"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4043",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-219838",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816346",
"CSAFPID-816776",
"CSAFPID-816348",
"CSAFPID-816777",
"CSAFPID-816347",
"CSAFPID-94291",
"CSAFPID-816778",
"CSAFPID-614517",
"CSAFPID-816779",
"CSAFPID-816349",
"CSAFPID-40293",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816353",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816352",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-342804",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-224793",
"CSAFPID-816794",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-219803",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-240600",
"CSAFPID-342803",
"CSAFPID-611595",
"CSAFPID-764738",
"CSAFPID-816351",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-219826",
"CSAFPID-764739",
"CSAFPID-912073",
"CSAFPID-912558"
]
}
],
"title": "CVE-2023-4043"
},
{
"cve": "CVE-2023-5685",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5685",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2023-5685"
},
{
"cve": "CVE-2023-6597",
"cwe": {
"id": "CWE-61",
"name": "UNIX Symbolic Link (Symlink) Following"
},
"notes": [
{
"category": "other",
"text": "UNIX Symbolic Link (Symlink) Following",
"title": "CWE-61"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6597",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2023-6816",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2023-6816"
},
{
"cve": "CVE-2023-38408",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-45182",
"CSAFPID-40293",
"CSAFPID-611406",
"CSAFPID-764237",
"CSAFPID-220558",
"CSAFPID-764238",
"CSAFPID-764239",
"CSAFPID-614513",
"CSAFPID-643776",
"CSAFPID-611387",
"CSAFPID-618156",
"CSAFPID-614516",
"CSAFPID-614515",
"CSAFPID-614514",
"CSAFPID-764240",
"CSAFPID-94291",
"CSAFPID-611401",
"CSAFPID-614517",
"CSAFPID-764241",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-764243",
"CSAFPID-342804",
"CSAFPID-611408",
"CSAFPID-611407",
"CSAFPID-764247",
"CSAFPID-764248",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-611595",
"CSAFPID-764249",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38408",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38408.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-45182",
"CSAFPID-40293",
"CSAFPID-611406",
"CSAFPID-764237",
"CSAFPID-220558",
"CSAFPID-764238",
"CSAFPID-764239",
"CSAFPID-614513",
"CSAFPID-643776",
"CSAFPID-611387",
"CSAFPID-618156",
"CSAFPID-614516",
"CSAFPID-614515",
"CSAFPID-614514",
"CSAFPID-764240",
"CSAFPID-94291",
"CSAFPID-611401",
"CSAFPID-614517",
"CSAFPID-764241",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-764243",
"CSAFPID-342804",
"CSAFPID-611408",
"CSAFPID-611407",
"CSAFPID-764247",
"CSAFPID-764248",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-611595",
"CSAFPID-764249",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2023-38408"
},
{
"cve": "CVE-2023-43642",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40293",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-1673395",
"CSAFPID-94291",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-204622",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-224793",
"CSAFPID-240600",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-614517",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-43642",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43642.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-40293",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-1673395",
"CSAFPID-94291",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-204622",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-224793",
"CSAFPID-240600",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-614517",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797"
]
}
],
"title": "CVE-2023-43642"
},
{
"cve": "CVE-2023-46136",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673411",
"CSAFPID-912549",
"CSAFPID-1673412",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-220132",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673416",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46136",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46136.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673411",
"CSAFPID-912549",
"CSAFPID-1673412",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-220132",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673416",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2023-46136"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-219838",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816346",
"CSAFPID-816776",
"CSAFPID-816348",
"CSAFPID-816777",
"CSAFPID-816347",
"CSAFPID-94291",
"CSAFPID-816778",
"CSAFPID-614517",
"CSAFPID-816779",
"CSAFPID-816349",
"CSAFPID-40293",
"CSAFPID-764242",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816353",
"CSAFPID-816786",
"CSAFPID-816352",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-219803",
"CSAFPID-816351",
"CSAFPID-611595",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673417",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-90016",
"CSAFPID-764826",
"CSAFPID-345038",
"CSAFPID-912079",
"CSAFPID-220132",
"CSAFPID-93781",
"CSAFPID-345039",
"CSAFPID-912080",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-611413",
"CSAFPID-240600",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-1503601",
"CSAFPID-1503602"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-219838",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816346",
"CSAFPID-816776",
"CSAFPID-816348",
"CSAFPID-816777",
"CSAFPID-816347",
"CSAFPID-94291",
"CSAFPID-816778",
"CSAFPID-614517",
"CSAFPID-816779",
"CSAFPID-816349",
"CSAFPID-40293",
"CSAFPID-764242",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816353",
"CSAFPID-816786",
"CSAFPID-816352",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-219803",
"CSAFPID-816351",
"CSAFPID-611595",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673417",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-90016",
"CSAFPID-764826",
"CSAFPID-345038",
"CSAFPID-912079",
"CSAFPID-220132",
"CSAFPID-93781",
"CSAFPID-345039",
"CSAFPID-912080",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-611413",
"CSAFPID-240600",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-1503601",
"CSAFPID-1503602"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650751",
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51775",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650751",
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2023-51775"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912073",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912102",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912073",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912102",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-0450",
"cwe": {
"id": "CWE-450",
"name": "Multiple Interpretations of UI Input"
},
"notes": [
{
"category": "other",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "other",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0450",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-2398",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Resource after Effective Lifetime",
"title": "CWE-772"
},
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673399",
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2398",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2398.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673399",
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-4577",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650731",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4577",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650731",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-4577"
},
{
"cve": "CVE-2024-4603",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4603",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-5585",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5585",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
}
],
"title": "CVE-2024-5585"
},
{
"cve": "CVE-2024-5971",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673399",
"CSAFPID-1673526",
"CSAFPID-1673413",
"CSAFPID-1673396",
"CSAFPID-1673415",
"CSAFPID-1673501",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5971",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5971.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673399",
"CSAFPID-1673526",
"CSAFPID-1673413",
"CSAFPID-1673396",
"CSAFPID-1673415",
"CSAFPID-1673501",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-5971"
},
{
"cve": "CVE-2024-6162",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673526",
"CSAFPID-1673399",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6162",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673526",
"CSAFPID-1673399",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-6162"
},
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503595",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6387",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6387.json"
}
],
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7254",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7264",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673530",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
}
],
"title": "CVE-2024-7264"
},
{
"cve": "CVE-2024-22020",
"product_status": {
"known_affected": [
"CSAFPID-912101",
"CSAFPID-1673473",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22020",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912101",
"CSAFPID-1673473",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-22020"
},
{
"cve": "CVE-2024-22201",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673475",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-219776",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-224795",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673475",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-219776",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-224795",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-22201"
},
{
"cve": "CVE-2024-22257",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-764237",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22257",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-764237",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-22257"
},
{
"cve": "CVE-2024-22262",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "other",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650820",
"CSAFPID-1650751",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22262",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650820",
"CSAFPID-1650751",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-22262"
},
{
"cve": "CVE-2024-23672",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "other",
"text": "Incomplete Cleanup",
"title": "CWE-459"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650826",
"CSAFPID-1650731",
"CSAFPID-1673382",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23672",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650826",
"CSAFPID-1650731",
"CSAFPID-1673382",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-23807",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650734",
"CSAFPID-1650830",
"CSAFPID-1650777",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-1650778",
"CSAFPID-41182",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23807",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650734",
"CSAFPID-1650830",
"CSAFPID-1650777",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-1650778",
"CSAFPID-41182",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-23807"
},
{
"cve": "CVE-2024-24549",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650826",
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650826",
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-25062",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650751",
"CSAFPID-1650752",
"CSAFPID-1673481",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25062",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650751",
"CSAFPID-1650752",
"CSAFPID-1673481",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-25638",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "other",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25638",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-25638"
},
{
"cve": "CVE-2024-26308",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26308",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-28182",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1673485",
"CSAFPID-1673393",
"CSAFPID-1673394",
"CSAFPID-1673389",
"CSAFPID-1672767",
"CSAFPID-1673391",
"CSAFPID-1673392",
"CSAFPID-1673415",
"CSAFPID-1673390",
"CSAFPID-1673413",
"CSAFPID-1673395",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1673485",
"CSAFPID-1673393",
"CSAFPID-1673394",
"CSAFPID-1673389",
"CSAFPID-1672767",
"CSAFPID-1673391",
"CSAFPID-1673392",
"CSAFPID-1673415",
"CSAFPID-1673390",
"CSAFPID-1673413",
"CSAFPID-1673395",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28849",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673494",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29025",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673494",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29133",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650820",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29133",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1650820",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-29133"
},
{
"cve": "CVE-2024-29736",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673399",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29736",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29736.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673399",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-29736"
},
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673413",
"CSAFPID-1673415",
"CSAFPID-1673501",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29857",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673413",
"CSAFPID-1673415",
"CSAFPID-1673501",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-30251",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912079",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30251",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30251.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912079",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-30251"
},
{
"cve": "CVE-2024-31080",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31080",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31080.json"
}
],
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31744",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673392",
"CSAFPID-1673393",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31744",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31744.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673392",
"CSAFPID-1673393",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-31744"
},
{
"cve": "CVE-2024-32760",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32760",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-32760"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "other",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33602",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673481",
"CSAFPID-1503596",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673481",
"CSAFPID-1503596",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-1673399",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-1673399",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-39689",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1673392",
"CSAFPID-1673393"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39689",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39689.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1673392",
"CSAFPID-1673393"
]
}
],
"title": "CVE-2024-39689"
},
{
"cve": "CVE-2024-40898",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673516",
"CSAFPID-1673411",
"CSAFPID-1673412",
"CSAFPID-1650731",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40898",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673516",
"CSAFPID-1673411",
"CSAFPID-1673412",
"CSAFPID-1650731",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-40898"
},
{
"cve": "CVE-2024-41817",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1674625"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41817",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1674625"
]
}
],
"title": "CVE-2024-41817"
},
{
"cve": "CVE-2024-43044",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673411",
"CSAFPID-1673412",
"CSAFPID-1673413",
"CSAFPID-1673396",
"CSAFPID-1673392",
"CSAFPID-1673494",
"CSAFPID-1673393",
"CSAFPID-1673415",
"CSAFPID-1673416",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-43044",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43044.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673411",
"CSAFPID-1673412",
"CSAFPID-1673413",
"CSAFPID-1673396",
"CSAFPID-1673392",
"CSAFPID-1673494",
"CSAFPID-1673393",
"CSAFPID-1673415",
"CSAFPID-1673416",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-43044"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-45492"
}
]
}
NCSC-2024-0466
Vulnerability from csaf_ncscnl
Published
2024-12-06 13:05
Modified
2024-12-06 13:05
Summary
Kwetsbaarheden verholpen in Atlassian producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.
Interpretaties
De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.
Voor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.
Oplossingen
Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-755
Improper Handling of Exceptional Conditions
CWE-347
Improper Verification of Cryptographic Signature
CWE-1050
Excessive Platform Resource Consumption within a Loop
CWE-23
Relative Path Traversal
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.\nVoor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Excessive Platform Resource Consumption within a Loop",
"title": "CWE-1050"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - certbundde",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
}
],
"title": "Kwetsbaarheden verholpen in Atlassian producten",
"tracking": {
"current_release_date": "2024-12-06T13:05:55.904619Z",
"id": "NCSC-2024-0466",
"initial_release_date": "2024-12-06T13:05:55.904619Z",
"revision_history": [
{
"date": "2024-12-06T13:05:55.904619Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "atlassian_bamboo__10.0.0",
"product": {
"name": "atlassian_bamboo__10.0.0",
"product_id": "CSAFPID-1645374",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__10.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bamboo__9.2.17",
"product": {
"name": "atlassian_bamboo__9.2.17",
"product_id": "CSAFPID-1621163",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.2.17:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bamboo__9.6.4",
"product": {
"name": "atlassian_bamboo__9.6.4",
"product_id": "CSAFPID-1645371",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.6.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__8.19.9",
"product": {
"name": "atlassian_bitbucket__8.19.9",
"product_id": "CSAFPID-1645370",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.19.9:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__8.9.19",
"product": {
"name": "atlassian_bitbucket__8.9.19",
"product_id": "CSAFPID-1645373",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.9.19:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__9.0.0",
"product": {
"name": "atlassian_bitbucket__9.0.0",
"product_id": "CSAFPID-1645372",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__9.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__7.19.26",
"product": {
"name": "atlassian_confluence__7.19.26",
"product_id": "CSAFPID-1621160",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__7.19.26__lts_",
"product": {
"name": "atlassian_confluence__7.19.26__lts_",
"product_id": "CSAFPID-1621135",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.5.12",
"product": {
"name": "atlassian_confluence__8.5.12",
"product_id": "CSAFPID-1645510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.12:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.5.14__lts_",
"product": {
"name": "atlassian_confluence__8.5.14__lts_",
"product_id": "CSAFPID-1621133",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.14__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.9.4",
"product": {
"name": "atlassian_confluence__8.9.4",
"product_id": "CSAFPID-1645509",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.9.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__9.0.1",
"product": {
"name": "atlassian_confluence__9.0.1",
"product_id": "CSAFPID-1621161",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__9.0.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence_data_center__9.0.1",
"product": {
"name": "atlassian_confluence_data_center__9.0.1",
"product_id": "CSAFPID-1621140",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence_data_center__9.0.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software__9.12.12__lts_",
"product": {
"name": "atlassian_jira_software__9.12.12__lts_",
"product_id": "CSAFPID-1621142",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.12.12__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software__9.4.25__lts_",
"product": {
"name": "atlassian_jira_software__9.4.25__lts_",
"product_id": "CSAFPID-1621143",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.4.25__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_data_center__9.17.1",
"product": {
"name": "atlassian_jira_software_data_center__9.17.1",
"product_id": "CSAFPID-1621141",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_data_center__9.17.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management__5.12.12__lts_",
"product": {
"name": "atlassian_jira_software_service_management__5.12.12__lts_",
"product_id": "CSAFPID-1621138",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.12.12__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management__5.4.25__lts_",
"product": {
"name": "atlassian_jira_software_service_management__5.4.25__lts_",
"product_id": "CSAFPID-1621139",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.4.25__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management_data_center__5.17.1",
"product": {
"name": "atlassian_jira_software_service_management_data_center__5.17.1",
"product_id": "CSAFPID-1621137",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management_data_center__5.17.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bamboo",
"product": {
"name": "bamboo",
"product_id": "CSAFPID-716889",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bitbucket",
"product": {
"name": "bitbucket",
"product_id": "CSAFPID-1725084",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:bitbucket:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "confluence",
"product": {
"name": "confluence",
"product_id": "CSAFPID-551338",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jira_software",
"product": {
"name": "jira_software",
"product_id": "CSAFPID-1725085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:jira_software:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1724900",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1725556",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:macos:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1725557",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree_for_mac",
"product": {
"name": "sourcetree_for_mac",
"product_id": "CSAFPID-1724286",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree_for_mac:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree_for_windows",
"product": {
"name": "sourcetree_for_windows",
"product_id": "CSAFPID-1724287",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree_for_windows:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-38900",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38900.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-551338"
]
}
],
"title": "CVE-2022-38900"
},
{
"cve": "CVE-2023-46234",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46234",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46234.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-551338"
]
}
],
"title": "CVE-2023-46234"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338",
"CSAFPID-1725085",
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-551338",
"CSAFPID-1725085",
"CSAFPID-716889"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"notes": [
{
"category": "other",
"text": "Excessive Platform Resource Consumption within a Loop",
"title": "CWE-1050"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4068",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4068.json"
}
],
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-21697",
"product_status": {
"known_affected": [
"CSAFPID-1724286",
"CSAFPID-1724287",
"CSAFPID-1725556",
"CSAFPID-1725557"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21697",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21697.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-1724286",
"CSAFPID-1724287",
"CSAFPID-1725556",
"CSAFPID-1725557"
]
}
],
"title": "CVE-2024-21697"
},
{
"cve": "CVE-2024-24549",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1725084",
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1725084",
"CSAFPID-551338"
]
}
],
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1621160",
"CSAFPID-1621161",
"CSAFPID-1645509",
"CSAFPID-1645510",
"CSAFPID-551338",
"CSAFPID-1725084"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30172",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1621160",
"CSAFPID-1621161",
"CSAFPID-1645509",
"CSAFPID-1645510",
"CSAFPID-551338",
"CSAFPID-1725084"
]
}
],
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1621133",
"CSAFPID-1621135",
"CSAFPID-1621137",
"CSAFPID-1621138",
"CSAFPID-1621139",
"CSAFPID-1621140",
"CSAFPID-1621141",
"CSAFPID-1621142",
"CSAFPID-1621143",
"CSAFPID-1621163",
"CSAFPID-1645370",
"CSAFPID-1645371",
"CSAFPID-1645372",
"CSAFPID-1645373",
"CSAFPID-1645374"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1621133",
"CSAFPID-1621135",
"CSAFPID-1621137",
"CSAFPID-1621138",
"CSAFPID-1621139",
"CSAFPID-1621140",
"CSAFPID-1621141",
"CSAFPID-1621142",
"CSAFPID-1621143",
"CSAFPID-1621163",
"CSAFPID-1645370",
"CSAFPID-1645371",
"CSAFPID-1645372",
"CSAFPID-1645373",
"CSAFPID-1645374"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-38286",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-38286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38286.json"
}
],
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338",
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-551338",
"CSAFPID-716889"
]
}
],
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1725085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45801",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1725085"
]
}
],
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-716889"
]
}
],
"title": "CVE-2024-47561"
}
]
}
ncsc-2024-0328
Vulnerability from csaf_ncscnl
Published
2024-08-12 08:22
Modified
2024-08-12 08:22
Summary
Kwetsbaarheden verholpen in IBM InfoSphere
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
IBM heeft kwetsbaarheden verholpen in InfoSphere Information Server.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om gevoelige informatie te verkrijgen.
Oplossingen
IBM heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-209
Generation of Error Message Containing Sensitive Information
CWE-400
Uncontrolled Resource Consumption
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "IBM heeft kwetsbaarheden verholpen in InfoSphere Information Server.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om gevoelige informatie te verkrijgen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "IBM heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5; nvd",
"url": "https://www.ibm.com/support/pages/node/7160580"
},
{
"category": "external",
"summary": "Reference - certbundde",
"url": "https://www.ibm.com/support/pages/node/7160967"
}
],
"title": "Kwetsbaarheden verholpen in IBM InfoSphere",
"tracking": {
"current_release_date": "2024-08-12T08:22:38.701674Z",
"id": "NCSC-2024-0328",
"initial_release_date": "2024-08-12T08:22:38.701674Z",
"revision_history": [
{
"date": "2024-08-12T08:22:38.701674Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "infosphere_information_server",
"product": {
"name": "infosphere_information_server",
"product_id": "CSAFPID-41387",
"product_identification_helper": {
"cpe": "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "ibm"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-39751",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
}
],
"product_status": {
"known_affected": [
"CSAFPID-41387"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39751",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39751.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-41387"
]
}
],
"title": "CVE-2024-39751"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-41387"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-41387"
]
}
],
"title": "CVE-2023-52428"
}
]
}
ncsc-2025-0129
Vulnerability from csaf_ncscnl
Published
2025-04-16 15:02
Modified
2025-04-16 15:02
Summary
Kwetsbaarheden verholpen in Oracle Analytics
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in Oracle Analytics.
Interpretaties
De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om toegang te krijgen tot gevoelige gegevens, Denial-of-Service aan te richten, en zelfs volledige controle over systemen te verkrijgen. Specifieke kwetsbaarheden in Oracle Business Intelligence Enterprise Edition kunnen leiden tot ongeautoriseerde toegang en manipulatie van gegevens via HTTP. Daarnaast zijn er kwetsbaarheden die Denial-of-Service kunnen veroorzaken door onjuiste invoer of misbruik van systeemfunctionaliteiten.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-399
CWE-399
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-178
Improper Handling of Case Sensitivity
CWE-311
Missing Encryption of Sensitive Data
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-787
Out-of-bounds Write
CWE-73
External Control of File Name or Path
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in Oracle Analytics.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om toegang te krijgen tot gevoelige gegevens, Denial-of-Service aan te richten, en zelfs volledige controle over systemen te verkrijgen. Specifieke kwetsbaarheden in Oracle Business Intelligence Enterprise Edition kunnen leiden tot ongeautoriseerde toegang en manipulatie van gegevens via HTTP. Daarnaast zijn er kwetsbaarheden die Denial-of-Service kunnen veroorzaken door onjuiste invoer of misbruik van systeemfunctionaliteiten.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "CWE-399",
"title": "CWE-399"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Analytics",
"tracking": {
"current_release_date": "2025-04-16T15:02:22.596981Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0129",
"initial_release_date": "2025-04-16T15:02:22.596981Z",
"revision_history": [
{
"date": "2025-04-16T15:02:22.596981Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1144583",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/6.4.0.0.0",
"product": {
"name": "vers:oracle/6.4.0.0.0",
"product_id": "CSAFPID-1144584"
}
}
],
"category": "product_name",
"name": "Oracle Business Intelligence Enterprise Edition"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1839844",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.0.0.0.0",
"product": {
"name": "vers:oracle/7.0.0.0.0",
"product_id": "CSAFPID-1839843",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.6.0.0.0",
"product": {
"name": "vers:oracle/7.6.0.0.0",
"product_id": "CSAFPID-1839853",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Business Intelligence Enterprise Edition"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-2698946",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.0.0.0.0",
"product": {
"name": "vers:oracle/7.0.0.0.0",
"product_id": "CSAFPID-1839839",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.6.0.0.0",
"product": {
"name": "vers:oracle/7.6.0.0.0",
"product_id": "CSAFPID-1839840",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle BI Publisher"
}
],
"category": "product_family",
"name": "Oracle Analytics"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-1215050"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/7.6.0.0.0",
"product": {
"name": "vers:unknown/7.6.0.0.0",
"product_id": "CSAFPID-1838786"
}
}
],
"category": "product_name",
"name": "BI Publisher"
}
],
"category": "product_family",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/7.0.0.0.0",
"product": {
"name": "vers:oracle/7.0.0.0.0",
"product_id": "CSAFPID-1145643",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.6.0.0.0",
"product": {
"name": "vers:oracle/7.6.0.0.0",
"product_id": "CSAFPID-1173987",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle BI Publisher"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/12.2.1.4.0",
"product": {
"name": "vers:semver/12.2.1.4.0",
"product_id": "CSAFPID-2698635"
}
},
{
"category": "product_version_range",
"name": "vers:semver/7.6.0.0.0",
"product": {
"name": "vers:semver/7.6.0.0.0",
"product_id": "CSAFPID-2698634"
}
}
],
"category": "product_name",
"name": "Oracle BI Publisher"
}
],
"category": "vendor",
"name": "Oracle Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36033",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2023-24998",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-399",
"title": "CWE-399"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-24998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
}
],
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-25399",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-25399",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-25399.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2023-25399"
},
{
"cve": "CVE-2023-38546",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38546",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38546.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7264",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-7264"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-9143",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30172",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-32007",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32007",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32007.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-32007"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38827",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38827",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-52046",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-52046",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52046.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2024-52046"
},
{
"cve": "CVE-2025-30723",
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30723",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30723.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2025-30723"
},
{
"cve": "CVE-2025-30724",
"product_status": {
"known_affected": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30724",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30724.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1144583",
"CSAFPID-1839844",
"CSAFPID-1144584",
"CSAFPID-1839843",
"CSAFPID-1839853",
"CSAFPID-1215050",
"CSAFPID-1838786",
"CSAFPID-2698946",
"CSAFPID-1145643",
"CSAFPID-1839839",
"CSAFPID-1839840",
"CSAFPID-1173987",
"CSAFPID-2698635",
"CSAFPID-2698634"
]
}
],
"title": "CVE-2025-30724"
}
]
}
NCSC-2024-0414
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:17
Modified
2024-10-17 13:17
Summary
Kwetsbaarheden verholpen in Oracle Communications
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van gegevens
- Uitvoer van willekeurige code (Gebruikersrechten)
- Uitvoer van willekeurige code (Administratorrechten)
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-122
Heap-based Buffer Overflow
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
CWE-466
Return of Pointer Value Outside of Expected Range
CWE-606
Unchecked Input for Loop Condition
CWE-390
Detection of Error Condition Without Action
CWE-405
Asymmetric Resource Consumption (Amplification)
CWE-222
Truncation of Security-relevant Information
CWE-364
Signal Handler Race Condition
CWE-450
Multiple Interpretations of UI Input
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-126
Buffer Over-read
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-703
Improper Check or Handling of Exceptional Conditions
CWE-427
Uncontrolled Search Path Element
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-195
Signed to Unsigned Conversion Error
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-190
Integer Overflow or Wraparound
CWE-61
UNIX Symbolic Link (Symlink) Following
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-459
Incomplete Cleanup
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-248
Uncaught Exception
CWE-674
Uncontrolled Recursion
CWE-918
Server-Side Request Forgery (SSRF)
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van gegevens\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "general",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
},
{
"category": "general",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Missing Release of Resource after Effective Lifetime",
"title": "CWE-772"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "general",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "general",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "general",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "general",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
},
{
"category": "general",
"text": "Signed to Unsigned Conversion Error",
"title": "CWE-195"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "UNIX Symbolic Link (Symlink) Following",
"title": "CWE-61"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Incomplete Cleanup",
"title": "CWE-459"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Uncaught Exception",
"title": "CWE-248"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Communications",
"tracking": {
"current_release_date": "2024-10-17T13:17:52.103171Z",
"id": "NCSC-2024-0414",
"initial_release_date": "2024-10-17T13:17:52.103171Z",
"revision_history": [
{
"date": "2024-10-17T13:17:52.103171Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635313",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635305",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635311",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635312",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635323",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670430",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674632",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674630",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635320",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674633",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670439",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635322",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670429",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670435",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670431",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670436",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670432",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635321",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635310",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635318",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674640",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674642",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670434",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635316",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674639",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635314",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674638",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674637",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635306",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635307",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635317",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635319",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670438",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635324",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635315",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670433",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674641",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674635",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674636",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670437",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674631",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674634",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635308",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635309",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications__10.4.0.4",
"product": {
"name": "communications__10.4.0.4",
"product_id": "CSAFPID-1674629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.2",
"product": {
"name": "communications___23.4.2",
"product_id": "CSAFPID-1670442",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.3",
"product": {
"name": "communications___23.4.3",
"product_id": "CSAFPID-1635325",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.4",
"product": {
"name": "communications___23.4.4",
"product_id": "CSAFPID-1635326",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.5",
"product": {
"name": "communications___23.4.5",
"product_id": "CSAFPID-1674645",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.6",
"product": {
"name": "communications___23.4.6",
"product_id": "CSAFPID-1674646",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___24.2.0",
"product": {
"name": "communications___24.2.0",
"product_id": "CSAFPID-1674644",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___7.2.1.0.0",
"product": {
"name": "communications___7.2.1.0.0",
"product_id": "CSAFPID-1670441",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___8.6.0.6",
"product": {
"name": "communications___8.6.0.6",
"product_id": "CSAFPID-1635327",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___8.6.0.8",
"product": {
"name": "communications___8.6.0.8",
"product_id": "CSAFPID-1635328",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___9.0.2",
"product": {
"name": "communications___9.0.2",
"product_id": "CSAFPID-1670440",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___9.0.3",
"product": {
"name": "communications___9.0.3",
"product_id": "CSAFPID-1635329",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___9.1.1.8.0",
"product": {
"name": "communications___9.1.1.8.0",
"product_id": "CSAFPID-1674643",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674621",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674618",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674619",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674622",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674617",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674623",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674620",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___12.0.6.0.0",
"product": {
"name": "communications_applications___12.0.6.0.0",
"product_id": "CSAFPID-1674627",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___5.5.22",
"product": {
"name": "communications_applications___5.5.22",
"product_id": "CSAFPID-1674626",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___6.0.3",
"product": {
"name": "communications_applications___6.0.3",
"product_id": "CSAFPID-1674628",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___6.0.4",
"product": {
"name": "communications_applications___6.0.4",
"product_id": "CSAFPID-1674624",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___6.0.5",
"product": {
"name": "communications_applications___6.0.5",
"product_id": "CSAFPID-1674625",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_asap",
"product": {
"name": "communications_asap",
"product_id": "CSAFPID-204629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_asap",
"product": {
"name": "communications_asap",
"product_id": "CSAFPID-1673475",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_asap:7.4.3.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_asap",
"product": {
"name": "communications_asap",
"product_id": "CSAFPID-816792",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-764735",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-1650734",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-204639",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-204627",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-816793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-912557",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management__-_elastic_charging_engine",
"product": {
"name": "communications_billing_and_revenue_management__-_elastic_charging_engine",
"product_id": "CSAFPID-219835",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management__-_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-764247",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-209548",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-209549",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-41194",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-1650820",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-765241",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-209546",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-209550",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-498607",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12:0.0.5.0:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-912556",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_calendar_server",
"product": {
"name": "communications_calendar_server",
"product_id": "CSAFPID-764736",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_calendar_server:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_calendar_server",
"product": {
"name": "communications_calendar_server",
"product_id": "CSAFPID-220190",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_configuration_console",
"product": {
"name": "communications_cloud_native_configuration_console",
"product_id": "CSAFPID-391501",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_configuration_console",
"product": {
"name": "communications_cloud_native_configuration_console",
"product_id": "CSAFPID-440102",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-89545",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-180215",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-180197",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-220548",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-41516",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-41515",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-220057",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-220055",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-220909",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-816765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-816766",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-816767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1503577",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1673416",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1673516",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1673412",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1673411",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-764237",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-2045",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-40612",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-608629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-93784",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1899",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-41111",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1685",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-493445",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-294401",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-220547",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-764824",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-220459",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-45184",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-45182",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-45181",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-611405",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-611403",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-611404",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1650752",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1673396",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-912066",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1503323",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1673526",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1673391",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1673394",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-165550",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-93546",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-180195",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-40299",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-187447",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-45186",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-45185",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-220559",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-220558",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-764238",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-764239",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-816768",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-816769",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-912085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1503578",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1673389",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1673390",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_dbtier",
"product": {
"name": "communications_cloud_native_core_dbtier",
"product_id": "CSAFPID-1673421",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_dbtier",
"product": {
"name": "communications_cloud_native_core_dbtier",
"product_id": "CSAFPID-1673420",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-764825",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:22.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-816770",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-816771",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-912068",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-1503579",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-180201",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-1900",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-760687",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-40947",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-93635",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-503534",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-90018",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-220327",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-94290",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-220325",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-614513",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-643776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-816772",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-912076",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-1503580",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-40613",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-2044",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-40301",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-180194",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-449747",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-40298",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-223527",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-449746",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-503493",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-260394",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-219838",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-611387",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-618156",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-816773",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912101",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-1673473",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0-24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-1503581",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912539",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912540",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912541",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912542",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912543",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-40611",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-40609",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-180198",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-41112",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-41110",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-760688",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-493444",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-93633",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-220056",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-223511",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-216017",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-220889",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-614516",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-816774",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-220918",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-614515",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-614514",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-816346",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-912077",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1503322",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1673413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1673415",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-816775",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-912544",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-40608",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-180199",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-41113",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-260395",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-260393",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816348",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-912545",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816347",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-1673494",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-1673501",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816777",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-764240",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-220468",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-2310",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-93547",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-180200",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-180193",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1898",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-93636",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-90020",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-90015",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-220133",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1650751",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1673517",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1673395",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-912069",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-765371",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:all_supported_s:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-180216",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-180202",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-40300",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-93653",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-40949",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-642000",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-93634",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-220561",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-90021",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-94292",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-218028",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-220881",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-94291",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-220910",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-220324",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-611401",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-816778",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-614517",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-912547",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1673392",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1503582",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1673393",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-912546",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-40610",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-611587",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-642002",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-493443",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-642001",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-224796",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-224795",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-912548",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-912102",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-912549",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1503583",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1503584",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1503585",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1672767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-180217",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-180196",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-165576",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-40297",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-764899",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-589926",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-179780",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-40948",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-589925",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-179779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-764826",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-90019",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-90016",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-220326",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-764241",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-912078",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-816349",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-912550",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1503586",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1503587",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1673399",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-816779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_contacts_server",
"product": {
"name": "communications_contacts_server",
"product_id": "CSAFPID-764737",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_contacts_server:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_contacts_server",
"product": {
"name": "communications_contacts_server",
"product_id": "CSAFPID-224787",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_contacts_server",
"product": {
"name": "communications_contacts_server",
"product_id": "CSAFPID-220189",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server",
"product": {
"name": "communications_converged_application_server",
"product_id": "CSAFPID-764827",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server:7.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server",
"product": {
"name": "communications_converged_application_server",
"product_id": "CSAFPID-764828",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server_-_service_controller",
"product": {
"name": "communications_converged_application_server_-_service_controller",
"product_id": "CSAFPID-764734",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server_-_service_controller",
"product": {
"name": "communications_converged_application_server_-_service_controller",
"product_id": "CSAFPID-426842",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_charging_system",
"product": {
"name": "communications_converged_charging_system",
"product_id": "CSAFPID-1503599",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_charging_system",
"product": {
"name": "communications_converged_charging_system",
"product_id": "CSAFPID-1503600",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-345031",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-204635",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-764833",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-224793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-816794",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-342793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-1650777",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-1265",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-764248",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-816350",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-1261",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-110244",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-110242",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-93777",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.45:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-1672764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-93772",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_data_model",
"product": {
"name": "communications_data_model",
"product_id": "CSAFPID-764902",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_data_model:12.2.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-765372",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-342799",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-704412",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-704411",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-165544",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-704410",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_design_studio",
"product": {
"name": "communications_design_studio",
"product_id": "CSAFPID-41183",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_intelligence_hub",
"product": {
"name": "communications_diameter_intelligence_hub",
"product_id": "CSAFPID-342802",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_intelligence_hub",
"product": {
"name": "communications_diameter_intelligence_hub",
"product_id": "CSAFPID-764829",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:8.2.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1503588",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1892",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1891",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1888",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1887",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1889",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1884",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1885",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1882",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1881",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1883",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1879",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1880",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-40293",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1650826",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1650830",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-611413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-912551",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-912552",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_application_processor",
"product": {
"name": "communications_eagle_application_processor",
"product_id": "CSAFPID-1673417",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_application_processor:17.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_application_processor",
"product": {
"name": "communications_eagle_application_processor",
"product_id": "CSAFPID-765369",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_application_processor:all_supported_s:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_element_management_system",
"product": {
"name": "communications_eagle_element_management_system",
"product_id": "CSAFPID-1503316",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_element_management_system",
"product": {
"name": "communications_eagle_element_management_system",
"product_id": "CSAFPID-1503317",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_element_management_system",
"product": {
"name": "communications_eagle_element_management_system",
"product_id": "CSAFPID-204528",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_ftp_table_base_retrieval",
"product": {
"name": "communications_eagle_ftp_table_base_retrieval",
"product_id": "CSAFPID-204623",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_lnp_application_processor",
"product": {
"name": "communications_eagle_lnp_application_processor",
"product_id": "CSAFPID-352633",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_lnp_application_processor",
"product": {
"name": "communications_eagle_lnp_application_processor",
"product_id": "CSAFPID-352632",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_software",
"product": {
"name": "communications_eagle_software",
"product_id": "CSAFPID-765366",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_software:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_software",
"product": {
"name": "communications_eagle_software",
"product_id": "CSAFPID-765365",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_software:46.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_elastic_charging_engine",
"product": {
"name": "communications_elastic_charging_engine",
"product_id": "CSAFPID-764834",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_elastic_charging_engine:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-764242",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204597",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204580",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-9226",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204589",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-9070",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-8845",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204624",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-2286",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-204464",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-345038",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-93629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-611422",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-93630",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-816780",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_evolved_communications_application_server",
"product": {
"name": "communications_evolved_communications_application_server",
"product_id": "CSAFPID-204645",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_fraud_monitor",
"product": {
"name": "communications_fraud_monitor",
"product_id": "CSAFPID-816781",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_fraud_monitor",
"product": {
"name": "communications_fraud_monitor",
"product_id": "CSAFPID-816782",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_fraud_monitor",
"product": {
"name": "communications_fraud_monitor",
"product_id": "CSAFPID-912553",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_instant_messaging_server",
"product": {
"name": "communications_instant_messaging_server",
"product_id": "CSAFPID-207586",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_instant_messaging_server",
"product": {
"name": "communications_instant_messaging_server",
"product_id": "CSAFPID-234306",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_instant_messaging_server",
"product": {
"name": "communications_instant_messaging_server",
"product_id": "CSAFPID-219803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_instant_messaging_server",
"product": {
"name": "communications_instant_messaging_server",
"product_id": "CSAFPID-387664",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_interactive_session_recorder",
"product": {
"name": "communications_interactive_session_recorder",
"product_id": "CSAFPID-1893",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_ip_service_activator",
"product": {
"name": "communications_ip_service_activator",
"product_id": "CSAFPID-204622",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_ip_service_activator",
"product": {
"name": "communications_ip_service_activator",
"product_id": "CSAFPID-219909",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_lsms",
"product": {
"name": "communications_lsms",
"product_id": "CSAFPID-1673065",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_lsms:14.0.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-764835",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.20.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-375182",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.21.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-816351",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-41182",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_metasolv_solution",
"product": {
"name": "communications_metasolv_solution",
"product_id": "CSAFPID-611595",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_metasolv_solution",
"product": {
"name": "communications_metasolv_solution",
"product_id": "CSAFPID-226017",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-220167",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816353",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-764243",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816352",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-1503589",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-1503590",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-1673414",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816783",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816786",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816784",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816787",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816785",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816788",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-342803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-1650778",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-1266",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-764249",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-816354",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-204563",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_integrity",
"product": {
"name": "communications_network_integrity",
"product_id": "CSAFPID-220125",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_integrity",
"product": {
"name": "communications_network_integrity",
"product_id": "CSAFPID-245244",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_integrity",
"product": {
"name": "communications_network_integrity",
"product_id": "CSAFPID-219776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_integrity",
"product": {
"name": "communications_network_integrity",
"product_id": "CSAFPID-204554",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_offline_mediation_controller",
"product": {
"name": "communications_offline_mediation_controller",
"product_id": "CSAFPID-765242",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-9489",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-110249",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-93781",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-220132",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-912079",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-224791",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-219898",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-224790",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-221118",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-179774",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-1673496",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence",
"product": {
"name": "communications_performance_intelligence",
"product_id": "CSAFPID-1503591",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence_center",
"product": {
"name": "communications_performance_intelligence_center",
"product_id": "CSAFPID-1673485",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center:prior_to_10.4.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence_center__pic__software",
"product": {
"name": "communications_performance_intelligence_center__pic__software",
"product_id": "CSAFPID-765367",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence_center__pic__software",
"product": {
"name": "communications_performance_intelligence_center__pic__software",
"product_id": "CSAFPID-765368",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence_center__pic__software",
"product": {
"name": "communications_performance_intelligence_center__pic__software",
"product_id": "CSAFPID-764830",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-573035",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-45192",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-611406",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-816789",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-816790",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-764738",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-204595",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-204590",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-816355",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-1503601",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816359",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816358",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816357",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-912558",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-1503602",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816795",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816796",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816797",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_services_gatekeeper",
"product": {
"name": "communications_services_gatekeeper",
"product_id": "CSAFPID-608630",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503592",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503593",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-40294",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-40292",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1672762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-40291",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503594",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503595",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-342804",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-704413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2296",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-166028",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2294",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2292",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2290",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2288",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2282",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2285",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-2279",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-204634",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-345039",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-93628",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-611423",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-93631",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-816791",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-342805",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-704414",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-166027",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2295",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2293",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2289",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2291",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2287",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2283",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2284",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2280",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-2281",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-220414",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_route_manager",
"product": {
"name": "communications_session_route_manager",
"product_id": "CSAFPID-204607",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_router",
"product": {
"name": "communications_session_router",
"product_id": "CSAFPID-764780",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_router:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_router",
"product": {
"name": "communications_session_router",
"product_id": "CSAFPID-764781",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_router:9.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_subscriber-aware_load_balancer",
"product": {
"name": "communications_subscriber-aware_load_balancer",
"product_id": "CSAFPID-93775",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_subscriber-aware_load_balancer",
"product": {
"name": "communications_subscriber-aware_load_balancer",
"product_id": "CSAFPID-93774",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-240600",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673382",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-78764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-78763",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.10:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673070",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673381",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1650731",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673530",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-764901",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-78762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-78761",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-614089",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673068",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-764739",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-204614",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-8984",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-204510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-204569",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-219826",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-912073",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_session_manager",
"product": {
"name": "communications_unified_session_manager",
"product_id": "CSAFPID-110243",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_session_manager",
"product": {
"name": "communications_unified_session_manager",
"product_id": "CSAFPID-205759",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1503596",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1503597",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1503598",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-764900",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-76994",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-568240",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-764782",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-355340",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-912080",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1673481",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-912554",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-611408",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-703515",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-611407",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-204456",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37137",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-41182",
"CSAFPID-209546",
"CSAFPID-40608",
"CSAFPID-180216",
"CSAFPID-93547",
"CSAFPID-180217",
"CSAFPID-2310",
"CSAFPID-40612",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45182",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-216017",
"CSAFPID-764240",
"CSAFPID-90021",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-94291",
"CSAFPID-493443",
"CSAFPID-224796",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-40293",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-93781",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-342793",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-342803",
"CSAFPID-204563",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-1899",
"CSAFPID-41111",
"CSAFPID-40299",
"CSAFPID-187447",
"CSAFPID-1900",
"CSAFPID-40301",
"CSAFPID-180194",
"CSAFPID-40298",
"CSAFPID-41112",
"CSAFPID-41110",
"CSAFPID-41113",
"CSAFPID-180193",
"CSAFPID-1898",
"CSAFPID-40300",
"CSAFPID-611587",
"CSAFPID-40297",
"CSAFPID-110244",
"CSAFPID-110242",
"CSAFPID-9489",
"CSAFPID-110249",
"CSAFPID-40294",
"CSAFPID-110243",
"CSAFPID-204629",
"CSAFPID-765241",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-41183",
"CSAFPID-207586",
"CSAFPID-765242",
"CSAFPID-205759",
"CSAFPID-1893",
"CSAFPID-765365",
"CSAFPID-765366",
"CSAFPID-342804",
"CSAFPID-342805",
"CSAFPID-204456",
"CSAFPID-1882",
"CSAFPID-573035",
"CSAFPID-204645",
"CSAFPID-765367",
"CSAFPID-765368",
"CSAFPID-764242",
"CSAFPID-76994",
"CSAFPID-204623",
"CSAFPID-352633",
"CSAFPID-352632",
"CSAFPID-765369",
"CSAFPID-204528",
"CSAFPID-342802",
"CSAFPID-40610",
"CSAFPID-40611",
"CSAFPID-40609",
"CSAFPID-180198",
"CSAFPID-180196",
"CSAFPID-180201",
"CSAFPID-180202",
"CSAFPID-40613",
"CSAFPID-180199",
"CSAFPID-93546",
"CSAFPID-180195",
"CSAFPID-180200",
"CSAFPID-765371",
"CSAFPID-89545",
"CSAFPID-180215",
"CSAFPID-180197",
"CSAFPID-204639",
"CSAFPID-204627",
"CSAFPID-226017",
"CSAFPID-219898",
"CSAFPID-179774",
"CSAFPID-342799",
"CSAFPID-765372",
"CSAFPID-220125",
"CSAFPID-245244",
"CSAFPID-204554",
"CSAFPID-764739",
"CSAFPID-204614",
"CSAFPID-345031",
"CSAFPID-204635",
"CSAFPID-204595",
"CSAFPID-204590",
"CSAFPID-224787",
"CSAFPID-1673381",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-37137",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37137.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-41182",
"CSAFPID-209546",
"CSAFPID-40608",
"CSAFPID-180216",
"CSAFPID-93547",
"CSAFPID-180217",
"CSAFPID-2310",
"CSAFPID-40612",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45182",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-216017",
"CSAFPID-764240",
"CSAFPID-90021",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-94291",
"CSAFPID-493443",
"CSAFPID-224796",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-40293",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-93781",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-342793",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-342803",
"CSAFPID-204563",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-1899",
"CSAFPID-41111",
"CSAFPID-40299",
"CSAFPID-187447",
"CSAFPID-1900",
"CSAFPID-40301",
"CSAFPID-180194",
"CSAFPID-40298",
"CSAFPID-41112",
"CSAFPID-41110",
"CSAFPID-41113",
"CSAFPID-180193",
"CSAFPID-1898",
"CSAFPID-40300",
"CSAFPID-611587",
"CSAFPID-40297",
"CSAFPID-110244",
"CSAFPID-110242",
"CSAFPID-9489",
"CSAFPID-110249",
"CSAFPID-40294",
"CSAFPID-110243",
"CSAFPID-204629",
"CSAFPID-765241",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-41183",
"CSAFPID-207586",
"CSAFPID-765242",
"CSAFPID-205759",
"CSAFPID-1893",
"CSAFPID-765365",
"CSAFPID-765366",
"CSAFPID-342804",
"CSAFPID-342805",
"CSAFPID-204456",
"CSAFPID-1882",
"CSAFPID-573035",
"CSAFPID-204645",
"CSAFPID-765367",
"CSAFPID-765368",
"CSAFPID-764242",
"CSAFPID-76994",
"CSAFPID-204623",
"CSAFPID-352633",
"CSAFPID-352632",
"CSAFPID-765369",
"CSAFPID-204528",
"CSAFPID-342802",
"CSAFPID-40610",
"CSAFPID-40611",
"CSAFPID-40609",
"CSAFPID-180198",
"CSAFPID-180196",
"CSAFPID-180201",
"CSAFPID-180202",
"CSAFPID-40613",
"CSAFPID-180199",
"CSAFPID-93546",
"CSAFPID-180195",
"CSAFPID-180200",
"CSAFPID-765371",
"CSAFPID-89545",
"CSAFPID-180215",
"CSAFPID-180197",
"CSAFPID-204639",
"CSAFPID-204627",
"CSAFPID-226017",
"CSAFPID-219898",
"CSAFPID-179774",
"CSAFPID-342799",
"CSAFPID-765372",
"CSAFPID-220125",
"CSAFPID-245244",
"CSAFPID-204554",
"CSAFPID-764739",
"CSAFPID-204614",
"CSAFPID-345031",
"CSAFPID-204635",
"CSAFPID-204595",
"CSAFPID-204590",
"CSAFPID-224787",
"CSAFPID-1673381",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
}
],
"title": "CVE-2021-37137"
},
{
"cve": "CVE-2022-2068",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40949",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45182",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-216017",
"CSAFPID-764240",
"CSAFPID-90021",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-94291",
"CSAFPID-493443",
"CSAFPID-224796",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-40293",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-93781",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-342793",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-342803",
"CSAFPID-204563",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-40294",
"CSAFPID-93631",
"CSAFPID-764900",
"CSAFPID-568240",
"CSAFPID-355340",
"CSAFPID-703515",
"CSAFPID-204456",
"CSAFPID-764735",
"CSAFPID-204635",
"CSAFPID-41183",
"CSAFPID-234306",
"CSAFPID-41182",
"CSAFPID-226017",
"CSAFPID-219898",
"CSAFPID-179774",
"CSAFPID-764738",
"CSAFPID-764901",
"CSAFPID-764902",
"CSAFPID-220547",
"CSAFPID-187447",
"CSAFPID-760687",
"CSAFPID-40947",
"CSAFPID-2044",
"CSAFPID-449747",
"CSAFPID-40301",
"CSAFPID-449746",
"CSAFPID-40298",
"CSAFPID-223527",
"CSAFPID-760688",
"CSAFPID-93636",
"CSAFPID-40300",
"CSAFPID-93653",
"CSAFPID-642000",
"CSAFPID-642002",
"CSAFPID-642001",
"CSAFPID-165576",
"CSAFPID-764899",
"CSAFPID-40948",
"CSAFPID-426842",
"CSAFPID-93630",
"CSAFPID-204645",
"CSAFPID-1893",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-2068",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2068.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-40949",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45182",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-216017",
"CSAFPID-764240",
"CSAFPID-90021",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-94291",
"CSAFPID-493443",
"CSAFPID-224796",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-40293",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-93781",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-342793",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-342803",
"CSAFPID-204563",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-40294",
"CSAFPID-93631",
"CSAFPID-764900",
"CSAFPID-568240",
"CSAFPID-355340",
"CSAFPID-703515",
"CSAFPID-204456",
"CSAFPID-764735",
"CSAFPID-204635",
"CSAFPID-41183",
"CSAFPID-234306",
"CSAFPID-41182",
"CSAFPID-226017",
"CSAFPID-219898",
"CSAFPID-179774",
"CSAFPID-764738",
"CSAFPID-764901",
"CSAFPID-764902",
"CSAFPID-220547",
"CSAFPID-187447",
"CSAFPID-760687",
"CSAFPID-40947",
"CSAFPID-2044",
"CSAFPID-449747",
"CSAFPID-40301",
"CSAFPID-449746",
"CSAFPID-40298",
"CSAFPID-223527",
"CSAFPID-760688",
"CSAFPID-93636",
"CSAFPID-40300",
"CSAFPID-93653",
"CSAFPID-642000",
"CSAFPID-642002",
"CSAFPID-642001",
"CSAFPID-165576",
"CSAFPID-764899",
"CSAFPID-40948",
"CSAFPID-426842",
"CSAFPID-93630",
"CSAFPID-204645",
"CSAFPID-1893",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2022-2068"
},
{
"cve": "CVE-2022-2601",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-2601",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2601.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2022-2601"
},
{
"cve": "CVE-2022-23437",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-204629",
"CSAFPID-704410",
"CSAFPID-704411",
"CSAFPID-704412",
"CSAFPID-226017",
"CSAFPID-179774",
"CSAFPID-219898",
"CSAFPID-219826",
"CSAFPID-204569",
"CSAFPID-204510",
"CSAFPID-220057",
"CSAFPID-220055",
"CSAFPID-220909",
"CSAFPID-45184",
"CSAFPID-45182",
"CSAFPID-220559",
"CSAFPID-220558",
"CSAFPID-220327",
"CSAFPID-220325",
"CSAFPID-219838",
"CSAFPID-220056",
"CSAFPID-223511",
"CSAFPID-216017",
"CSAFPID-220889",
"CSAFPID-220918",
"CSAFPID-90020",
"CSAFPID-90015",
"CSAFPID-220133",
"CSAFPID-220561",
"CSAFPID-90021",
"CSAFPID-220881",
"CSAFPID-94291",
"CSAFPID-220910",
"CSAFPID-220324",
"CSAFPID-224796",
"CSAFPID-224795",
"CSAFPID-220326",
"CSAFPID-764734",
"CSAFPID-40293",
"CSAFPID-220167",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764736",
"CSAFPID-764737",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-219803",
"CSAFPID-375182",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-219776",
"CSAFPID-224791",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-764738",
"CSAFPID-240600",
"CSAFPID-764739",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-764240",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-493443",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-204563",
"CSAFPID-8984",
"CSAFPID-220548",
"CSAFPID-608629",
"CSAFPID-93784",
"CSAFPID-41111",
"CSAFPID-1685",
"CSAFPID-493445",
"CSAFPID-294401",
"CSAFPID-220547",
"CSAFPID-764824",
"CSAFPID-220459",
"CSAFPID-764825",
"CSAFPID-93635",
"CSAFPID-503534",
"CSAFPID-503493",
"CSAFPID-493444",
"CSAFPID-93633",
"CSAFPID-260395",
"CSAFPID-260393",
"CSAFPID-220468",
"CSAFPID-93636",
"CSAFPID-93634",
"CSAFPID-589926",
"CSAFPID-179780",
"CSAFPID-589925",
"CSAFPID-179779",
"CSAFPID-764826",
"CSAFPID-764827",
"CSAFPID-764828",
"CSAFPID-764829",
"CSAFPID-764830",
"CSAFPID-220190",
"CSAFPID-220189",
"CSAFPID-764833",
"CSAFPID-41183",
"CSAFPID-764834",
"CSAFPID-234306",
"CSAFPID-764835",
"CSAFPID-187447",
"CSAFPID-760687",
"CSAFPID-40947",
"CSAFPID-2044",
"CSAFPID-449747",
"CSAFPID-40301",
"CSAFPID-449746",
"CSAFPID-40298",
"CSAFPID-223527",
"CSAFPID-760688",
"CSAFPID-40300",
"CSAFPID-93653",
"CSAFPID-40949",
"CSAFPID-642000",
"CSAFPID-642002",
"CSAFPID-642001",
"CSAFPID-165576",
"CSAFPID-764899",
"CSAFPID-40948",
"CSAFPID-426842",
"CSAFPID-93630",
"CSAFPID-204645",
"CSAFPID-1893",
"CSAFPID-40294",
"CSAFPID-93631",
"CSAFPID-764900",
"CSAFPID-568240",
"CSAFPID-355340",
"CSAFPID-703515",
"CSAFPID-204456",
"CSAFPID-204635",
"CSAFPID-41182",
"CSAFPID-764901",
"CSAFPID-764902",
"CSAFPID-1899",
"CSAFPID-40299",
"CSAFPID-1900",
"CSAFPID-180194",
"CSAFPID-41112",
"CSAFPID-41110",
"CSAFPID-41113",
"CSAFPID-180193",
"CSAFPID-1898",
"CSAFPID-611587",
"CSAFPID-40297",
"CSAFPID-110244",
"CSAFPID-110242",
"CSAFPID-9489",
"CSAFPID-110249",
"CSAFPID-110243",
"CSAFPID-765241",
"CSAFPID-209546",
"CSAFPID-207586",
"CSAFPID-765242",
"CSAFPID-205759",
"CSAFPID-765365",
"CSAFPID-765366",
"CSAFPID-342804",
"CSAFPID-342805",
"CSAFPID-1882",
"CSAFPID-573035",
"CSAFPID-765367",
"CSAFPID-765368",
"CSAFPID-764242",
"CSAFPID-76994",
"CSAFPID-204623",
"CSAFPID-352633",
"CSAFPID-352632",
"CSAFPID-765369",
"CSAFPID-204528",
"CSAFPID-342802",
"CSAFPID-40610",
"CSAFPID-40611",
"CSAFPID-40609",
"CSAFPID-180198",
"CSAFPID-180217",
"CSAFPID-180196",
"CSAFPID-40612",
"CSAFPID-180201",
"CSAFPID-180216",
"CSAFPID-180202",
"CSAFPID-40613",
"CSAFPID-40608",
"CSAFPID-180199",
"CSAFPID-93546",
"CSAFPID-180195",
"CSAFPID-2310",
"CSAFPID-93547",
"CSAFPID-180200",
"CSAFPID-765371",
"CSAFPID-89545",
"CSAFPID-180215",
"CSAFPID-180197",
"CSAFPID-204639",
"CSAFPID-204627",
"CSAFPID-342799",
"CSAFPID-765372",
"CSAFPID-220125",
"CSAFPID-245244",
"CSAFPID-204554",
"CSAFPID-204614",
"CSAFPID-345031",
"CSAFPID-204595",
"CSAFPID-204590",
"CSAFPID-224787",
"CSAFPID-1673065",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-23437",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-23437.json"
}
],
"title": "CVE-2022-23437"
},
{
"cve": "CVE-2022-36760",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220057",
"CSAFPID-220055",
"CSAFPID-220909",
"CSAFPID-45184",
"CSAFPID-45182",
"CSAFPID-220559",
"CSAFPID-220558",
"CSAFPID-220327",
"CSAFPID-220325",
"CSAFPID-219838",
"CSAFPID-220056",
"CSAFPID-223511",
"CSAFPID-216017",
"CSAFPID-220889",
"CSAFPID-220918",
"CSAFPID-90020",
"CSAFPID-90015",
"CSAFPID-220133",
"CSAFPID-220561",
"CSAFPID-90021",
"CSAFPID-220881",
"CSAFPID-94291",
"CSAFPID-220910",
"CSAFPID-220324",
"CSAFPID-224796",
"CSAFPID-224795",
"CSAFPID-220326",
"CSAFPID-764734",
"CSAFPID-40293",
"CSAFPID-220167",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764736",
"CSAFPID-764737",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-704412",
"CSAFPID-704411",
"CSAFPID-704410",
"CSAFPID-219803",
"CSAFPID-375182",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-219776",
"CSAFPID-224791",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-764738",
"CSAFPID-240600",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-764240",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-493443",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-204563",
"CSAFPID-8984",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36760",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220057",
"CSAFPID-220055",
"CSAFPID-220909",
"CSAFPID-45184",
"CSAFPID-45182",
"CSAFPID-220559",
"CSAFPID-220558",
"CSAFPID-220327",
"CSAFPID-220325",
"CSAFPID-219838",
"CSAFPID-220056",
"CSAFPID-223511",
"CSAFPID-216017",
"CSAFPID-220889",
"CSAFPID-220918",
"CSAFPID-90020",
"CSAFPID-90015",
"CSAFPID-220133",
"CSAFPID-220561",
"CSAFPID-90021",
"CSAFPID-220881",
"CSAFPID-94291",
"CSAFPID-220910",
"CSAFPID-220324",
"CSAFPID-224796",
"CSAFPID-224795",
"CSAFPID-220326",
"CSAFPID-764734",
"CSAFPID-40293",
"CSAFPID-220167",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764736",
"CSAFPID-764737",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-704412",
"CSAFPID-704411",
"CSAFPID-704410",
"CSAFPID-219803",
"CSAFPID-375182",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-219776",
"CSAFPID-224791",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-764738",
"CSAFPID-240600",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-391501",
"CSAFPID-440102",
"CSAFPID-41516",
"CSAFPID-41515",
"CSAFPID-764237",
"CSAFPID-45181",
"CSAFPID-45186",
"CSAFPID-45185",
"CSAFPID-90018",
"CSAFPID-94290",
"CSAFPID-260394",
"CSAFPID-764240",
"CSAFPID-94292",
"CSAFPID-218028",
"CSAFPID-493443",
"CSAFPID-90019",
"CSAFPID-90016",
"CSAFPID-93777",
"CSAFPID-93772",
"CSAFPID-345038",
"CSAFPID-93629",
"CSAFPID-45192",
"CSAFPID-608630",
"CSAFPID-40292",
"CSAFPID-40291",
"CSAFPID-345039",
"CSAFPID-93628",
"CSAFPID-764780",
"CSAFPID-764781",
"CSAFPID-93775",
"CSAFPID-93774",
"CSAFPID-764782",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-204563",
"CSAFPID-8984",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2022-36760"
},
{
"cve": "CVE-2023-2953",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673391",
"CSAFPID-1673392",
"CSAFPID-1673393",
"CSAFPID-1673394",
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-2953",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2953.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673391",
"CSAFPID-1673392",
"CSAFPID-1673393",
"CSAFPID-1673394",
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2023-2953"
},
{
"cve": "CVE-2023-3635",
"cwe": {
"id": "CWE-195",
"name": "Signed to Unsigned Conversion Error"
},
"notes": [
{
"category": "other",
"text": "Signed to Unsigned Conversion Error",
"title": "CWE-195"
},
{
"category": "other",
"text": "Uncaught Exception",
"title": "CWE-248"
}
],
"product_status": {
"known_affected": [
"CSAFPID-94291",
"CSAFPID-40293",
"CSAFPID-204622",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-1673399",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-219909",
"CSAFPID-220558",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-240600",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611401",
"CSAFPID-611406",
"CSAFPID-611407",
"CSAFPID-611408",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-614513",
"CSAFPID-614514",
"CSAFPID-614515",
"CSAFPID-614516",
"CSAFPID-614517",
"CSAFPID-618156",
"CSAFPID-643776",
"CSAFPID-764237",
"CSAFPID-764238",
"CSAFPID-764239",
"CSAFPID-764240",
"CSAFPID-764241",
"CSAFPID-764242",
"CSAFPID-764243",
"CSAFPID-764247",
"CSAFPID-764248",
"CSAFPID-764249",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-912073",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-912102",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-3635",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3635.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-94291",
"CSAFPID-40293",
"CSAFPID-204622",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-1673399",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-219909",
"CSAFPID-220558",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-240600",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611401",
"CSAFPID-611406",
"CSAFPID-611407",
"CSAFPID-611408",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-614513",
"CSAFPID-614514",
"CSAFPID-614515",
"CSAFPID-614516",
"CSAFPID-614517",
"CSAFPID-618156",
"CSAFPID-643776",
"CSAFPID-764237",
"CSAFPID-764238",
"CSAFPID-764239",
"CSAFPID-764240",
"CSAFPID-764241",
"CSAFPID-764242",
"CSAFPID-764243",
"CSAFPID-764247",
"CSAFPID-764248",
"CSAFPID-764249",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-912073",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-912102",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242"
]
}
],
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-4043",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-219838",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816346",
"CSAFPID-816776",
"CSAFPID-816348",
"CSAFPID-816777",
"CSAFPID-816347",
"CSAFPID-94291",
"CSAFPID-816778",
"CSAFPID-614517",
"CSAFPID-816779",
"CSAFPID-816349",
"CSAFPID-40293",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816353",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816352",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-342804",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-224793",
"CSAFPID-816794",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-219803",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-240600",
"CSAFPID-342803",
"CSAFPID-611595",
"CSAFPID-764738",
"CSAFPID-816351",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-219826",
"CSAFPID-764739",
"CSAFPID-912073",
"CSAFPID-912558"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4043",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-219838",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816346",
"CSAFPID-816776",
"CSAFPID-816348",
"CSAFPID-816777",
"CSAFPID-816347",
"CSAFPID-94291",
"CSAFPID-816778",
"CSAFPID-614517",
"CSAFPID-816779",
"CSAFPID-816349",
"CSAFPID-40293",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816353",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816352",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-342804",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-224793",
"CSAFPID-816794",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-219803",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-240600",
"CSAFPID-342803",
"CSAFPID-611595",
"CSAFPID-764738",
"CSAFPID-816351",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-219826",
"CSAFPID-764739",
"CSAFPID-912073",
"CSAFPID-912558"
]
}
],
"title": "CVE-2023-4043"
},
{
"cve": "CVE-2023-5685",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5685",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2023-5685"
},
{
"cve": "CVE-2023-6597",
"cwe": {
"id": "CWE-61",
"name": "UNIX Symbolic Link (Symlink) Following"
},
"notes": [
{
"category": "other",
"text": "UNIX Symbolic Link (Symlink) Following",
"title": "CWE-61"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6597",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2023-6816",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2023-6816"
},
{
"cve": "CVE-2023-38408",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-45182",
"CSAFPID-40293",
"CSAFPID-611406",
"CSAFPID-764237",
"CSAFPID-220558",
"CSAFPID-764238",
"CSAFPID-764239",
"CSAFPID-614513",
"CSAFPID-643776",
"CSAFPID-611387",
"CSAFPID-618156",
"CSAFPID-614516",
"CSAFPID-614515",
"CSAFPID-614514",
"CSAFPID-764240",
"CSAFPID-94291",
"CSAFPID-611401",
"CSAFPID-614517",
"CSAFPID-764241",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-764243",
"CSAFPID-342804",
"CSAFPID-611408",
"CSAFPID-611407",
"CSAFPID-764247",
"CSAFPID-764248",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-611595",
"CSAFPID-764249",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38408",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38408.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-45182",
"CSAFPID-40293",
"CSAFPID-611406",
"CSAFPID-764237",
"CSAFPID-220558",
"CSAFPID-764238",
"CSAFPID-764239",
"CSAFPID-614513",
"CSAFPID-643776",
"CSAFPID-611387",
"CSAFPID-618156",
"CSAFPID-614516",
"CSAFPID-614515",
"CSAFPID-614514",
"CSAFPID-764240",
"CSAFPID-94291",
"CSAFPID-611401",
"CSAFPID-614517",
"CSAFPID-764241",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-764243",
"CSAFPID-342804",
"CSAFPID-611408",
"CSAFPID-611407",
"CSAFPID-764247",
"CSAFPID-764248",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-611595",
"CSAFPID-764249",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-240600",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2023-38408"
},
{
"cve": "CVE-2023-43642",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40293",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-1673395",
"CSAFPID-94291",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-204622",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-224793",
"CSAFPID-240600",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-614517",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-43642",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43642.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-40293",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-1673395",
"CSAFPID-94291",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-204622",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-224793",
"CSAFPID-240600",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-614517",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797"
]
}
],
"title": "CVE-2023-43642"
},
{
"cve": "CVE-2023-46136",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673411",
"CSAFPID-912549",
"CSAFPID-1673412",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-220132",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673416",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46136",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46136.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673411",
"CSAFPID-912549",
"CSAFPID-1673412",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-220132",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673416",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2023-46136"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-219838",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816346",
"CSAFPID-816776",
"CSAFPID-816348",
"CSAFPID-816777",
"CSAFPID-816347",
"CSAFPID-94291",
"CSAFPID-816778",
"CSAFPID-614517",
"CSAFPID-816779",
"CSAFPID-816349",
"CSAFPID-40293",
"CSAFPID-764242",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816353",
"CSAFPID-816786",
"CSAFPID-816352",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-219803",
"CSAFPID-816351",
"CSAFPID-611595",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673417",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-90016",
"CSAFPID-764826",
"CSAFPID-345038",
"CSAFPID-912079",
"CSAFPID-220132",
"CSAFPID-93781",
"CSAFPID-345039",
"CSAFPID-912080",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-611413",
"CSAFPID-240600",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-1503601",
"CSAFPID-1503602"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-219838",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816346",
"CSAFPID-816776",
"CSAFPID-816348",
"CSAFPID-816777",
"CSAFPID-816347",
"CSAFPID-94291",
"CSAFPID-816778",
"CSAFPID-614517",
"CSAFPID-816779",
"CSAFPID-816349",
"CSAFPID-40293",
"CSAFPID-764242",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816353",
"CSAFPID-816786",
"CSAFPID-816352",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-224793",
"CSAFPID-342793",
"CSAFPID-1265",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-219803",
"CSAFPID-816351",
"CSAFPID-611595",
"CSAFPID-342803",
"CSAFPID-1266",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673417",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-90016",
"CSAFPID-764826",
"CSAFPID-345038",
"CSAFPID-912079",
"CSAFPID-220132",
"CSAFPID-93781",
"CSAFPID-345039",
"CSAFPID-912080",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-611413",
"CSAFPID-240600",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-8984",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-1503601",
"CSAFPID-1503602"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650751",
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51775",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650751",
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2023-51775"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912073",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912102",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912073",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912102",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-0450",
"cwe": {
"id": "CWE-450",
"name": "Multiple Interpretations of UI Input"
},
"notes": [
{
"category": "other",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "other",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0450",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-2398",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Resource after Effective Lifetime",
"title": "CWE-772"
},
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673399",
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2398",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2398.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673399",
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-4577",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650731",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4577",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650731",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-4577"
},
{
"cve": "CVE-2024-4603",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4603",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-5585",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5585",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
}
],
"title": "CVE-2024-5585"
},
{
"cve": "CVE-2024-5971",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673399",
"CSAFPID-1673526",
"CSAFPID-1673413",
"CSAFPID-1673396",
"CSAFPID-1673415",
"CSAFPID-1673501",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5971",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5971.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1673399",
"CSAFPID-1673526",
"CSAFPID-1673413",
"CSAFPID-1673396",
"CSAFPID-1673415",
"CSAFPID-1673501",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-5971"
},
{
"cve": "CVE-2024-6162",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673526",
"CSAFPID-1673399",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6162",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673526",
"CSAFPID-1673399",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-6162"
},
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503595",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6387",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6387.json"
}
],
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7254",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7264",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673530",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628"
]
}
],
"title": "CVE-2024-7264"
},
{
"cve": "CVE-2024-22020",
"product_status": {
"known_affected": [
"CSAFPID-912101",
"CSAFPID-1673473",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22020",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912101",
"CSAFPID-1673473",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-22020"
},
{
"cve": "CVE-2024-22201",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673475",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-219776",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-224795",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673475",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-219776",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-224795",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-22201"
},
{
"cve": "CVE-2024-22257",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-764237",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22257",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-764237",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-22257"
},
{
"cve": "CVE-2024-22262",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "other",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650820",
"CSAFPID-1650751",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22262",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650820",
"CSAFPID-1650751",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-22262"
},
{
"cve": "CVE-2024-23672",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "other",
"text": "Incomplete Cleanup",
"title": "CWE-459"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650826",
"CSAFPID-1650731",
"CSAFPID-1673382",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23672",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650826",
"CSAFPID-1650731",
"CSAFPID-1673382",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-23807",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650734",
"CSAFPID-1650830",
"CSAFPID-1650777",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-1650778",
"CSAFPID-41182",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23807",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650734",
"CSAFPID-1650830",
"CSAFPID-1650777",
"CSAFPID-204622",
"CSAFPID-219909",
"CSAFPID-1650778",
"CSAFPID-41182",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-23807"
},
{
"cve": "CVE-2024-24549",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650826",
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650826",
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-25062",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650751",
"CSAFPID-1650752",
"CSAFPID-1673481",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25062",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650751",
"CSAFPID-1650752",
"CSAFPID-1673481",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-25638",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "other",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25638",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-25638"
},
{
"cve": "CVE-2024-26308",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26308",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
}
],
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-28182",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1673485",
"CSAFPID-1673393",
"CSAFPID-1673394",
"CSAFPID-1673389",
"CSAFPID-1672767",
"CSAFPID-1673391",
"CSAFPID-1673392",
"CSAFPID-1673415",
"CSAFPID-1673390",
"CSAFPID-1673413",
"CSAFPID-1673395",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1673485",
"CSAFPID-1673393",
"CSAFPID-1673394",
"CSAFPID-1673389",
"CSAFPID-1672767",
"CSAFPID-1673391",
"CSAFPID-1673392",
"CSAFPID-1673415",
"CSAFPID-1673390",
"CSAFPID-1673413",
"CSAFPID-1673395",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28849",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673494",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29025",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673494",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29133",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650820",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29133",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1650820",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-29133"
},
{
"cve": "CVE-2024-29736",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673399",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29736",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29736.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673399",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-29736"
},
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673413",
"CSAFPID-1673415",
"CSAFPID-1673501",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29857",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673413",
"CSAFPID-1673415",
"CSAFPID-1673501",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569"
]
}
],
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-30251",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912079",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30251",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30251.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912079",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-30251"
},
{
"cve": "CVE-2024-31080",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31080",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31080.json"
}
],
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31744",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673392",
"CSAFPID-1673393",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31744",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31744.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673392",
"CSAFPID-1673393",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-31744"
},
{
"cve": "CVE-2024-32760",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32760",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-32760"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "other",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33602",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673481",
"CSAFPID-1503596",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673481",
"CSAFPID-1503596",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-1673399",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-1673399",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-39689",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1673392",
"CSAFPID-1673393"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39689",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39689.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1673392",
"CSAFPID-1673393"
]
}
],
"title": "CVE-2024-39689"
},
{
"cve": "CVE-2024-40898",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673516",
"CSAFPID-1673411",
"CSAFPID-1673412",
"CSAFPID-1650731",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40898",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673516",
"CSAFPID-1673411",
"CSAFPID-1673412",
"CSAFPID-1650731",
"CSAFPID-1673382",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-40898"
},
{
"cve": "CVE-2024-41817",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1674625"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41817",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1674625"
]
}
],
"title": "CVE-2024-41817"
},
{
"cve": "CVE-2024-43044",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673411",
"CSAFPID-1673412",
"CSAFPID-1673413",
"CSAFPID-1673396",
"CSAFPID-1673392",
"CSAFPID-1673494",
"CSAFPID-1673393",
"CSAFPID-1673415",
"CSAFPID-1673416",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-43044",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43044.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673411",
"CSAFPID-1673412",
"CSAFPID-1673413",
"CSAFPID-1673396",
"CSAFPID-1673392",
"CSAFPID-1673494",
"CSAFPID-1673393",
"CSAFPID-1673415",
"CSAFPID-1673416",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-43044"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646"
]
}
],
"title": "CVE-2024-45492"
}
]
}
ncsc-2024-0299
Vulnerability from csaf_ncscnl
Published
2024-07-17 13:54
Modified
2024-07-17 13:54
Summary
Kwetsbaarheden verholpen in Oracle Analytics
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Er zijn kwetsbaarheden verholpen in Oracle Analytics.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
* Denial-of-Service (DoS)
* Toegang tot gevoelige gegevens
* Toegang tot systeemgegevens
* Manipulatie van gegevens
* (Remote) code execution (Gebruikersrechten)
Oplossingen
Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.
Kans
medium
Schade
high
CWE-20
Improper Input Validation
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-222
Truncation of Security-relevant Information
CWE-285
Improper Authorization
CWE-400
Uncontrolled Resource Consumption
CWE-404
Improper Resource Shutdown or Release
CWE-426
Untrusted Search Path
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-476
NULL Pointer Dereference
CWE-674
Uncontrolled Recursion
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-787
Out-of-bounds Write
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Er zijn kwetsbaarheden verholpen in Oracle Analytics.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* (Remote) code execution (Gebruikersrechten)",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23926"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21797"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26031"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46589"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49083"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0727"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21139"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
},
{
"category": "external",
"summary": "Reference - oracle",
"url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json"
},
{
"category": "external",
"summary": "Reference - cveprojectv5; ibm; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujul2024.html"
}
],
"title": " Kwetsbaarheden verholpen in Oracle Analytics",
"tracking": {
"current_release_date": "2024-07-17T13:54:03.545073Z",
"id": "NCSC-2024-0299",
"initial_release_date": "2024-07-17T13:54:03.545073Z",
"revision_history": [
{
"date": "2024-07-17T13:54:03.545073Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-816763",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-816761",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-816762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-23926",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-23926",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-23926.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2021-23926"
},
{
"cve": "CVE-2021-37533",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-37533",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37533.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2021-37533"
},
{
"cve": "CVE-2022-0239",
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-0239",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-0239.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2022-0239"
},
{
"cve": "CVE-2022-21797",
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-21797",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-21797.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2022-21797"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-40152",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40152.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2023-1370",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-1370",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-1370"
},
{
"cve": "CVE-2023-1436",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-1436",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1436.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-1436"
},
{
"cve": "CVE-2023-26031",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26031",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-26031"
},
{
"cve": "CVE-2023-33202",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-33202",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33202.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-33202"
},
{
"cve": "CVE-2023-46589",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46589",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-49083",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-49083",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-0727",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0727",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-21139",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "other",
"text": "Improper Authorization",
"title": "CWE-285"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21139",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21139.json"
}
],
"title": "CVE-2024-21139"
},
{
"cve": "CVE-2024-25710",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25710",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816763"
]
}
],
"title": "CVE-2024-25710"
}
]
}
ncsc-2025-0133
Vulnerability from csaf_ncscnl
Published
2025-04-16 15:13
Modified
2025-04-16 15:13
Summary
Kwetsbaarheden verholpen in Oracle PeopleSoft
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in Oracle PeopleSoft's Enterprise PeopleTools (versies 8.60, 8.61 en 8.62), Talent Acquisition Manager (versie 9.2) en Enterprise CC Common Application Objects (versie 9.2).
Interpretaties
De kwetsbaarheden in Oracle PeopleSoft's Enterprise PeopleTools, Talent Acquisition Manager en Enterprise CC Common Application Objects stellen laaggeprivilegieerde kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen en gevoelige gegevens te wijzigen. Ongeauthenticeerde kwaadwillenden kunnen een andere kwetsbaarheid misbruiken om volledige DoS te veroorzaken.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in Oracle PeopleSoft\u0027s Enterprise PeopleTools (versies 8.60, 8.61 en 8.62), Talent Acquisition Manager (versie 9.2) en Enterprise CC Common Application Objects (versie 9.2).",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden in Oracle PeopleSoft\u0027s Enterprise PeopleTools, Talent Acquisition Manager en Enterprise CC Common Application Objects stellen laaggeprivilegieerde kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen en gevoelige gegevens te wijzigen. Ongeauthenticeerde kwaadwillenden kunnen een andere kwetsbaarheid misbruiken om volledige DoS te veroorzaken.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle PeopleSoft",
"tracking": {
"current_release_date": "2025-04-16T15:13:33.586832Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0133",
"initial_release_date": "2025-04-16T15:13:33.586832Z",
"revision_history": [
{
"date": "2025-04-16T15:13:33.586832Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.6",
"product": {
"name": "vers:unknown/8.6",
"product_id": "CSAFPID-1844416",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.60"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.61",
"product": {
"name": "vers:unknown/8.61",
"product_id": "CSAFPID-1844415",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.61"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.62",
"product": {
"name": "vers:unknown/8.62",
"product_id": "CSAFPID-2726967",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.62"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/9.2",
"product": {
"name": "vers:unknown/9.2",
"product_id": "CSAFPID-1844417",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:9.2"
}
}
}
],
"category": "product_name",
"name": "PeopleSoft"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/9.2",
"product": {
"name": "vers:oracle/9.2",
"product_id": "CSAFPID-1840087",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_cc_common_application_objects:9.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "PeopleSoft Enterprise CC Common Application Objects"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/9.2",
"product": {
"name": "vers:oracle/9.2",
"product_id": "CSAFPID-2699168",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_talent_acquisition_manager:9.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "PeopleSoft Enterprise HCM Talent Acquisition Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.60",
"product": {
"name": "vers:oracle/8.60",
"product_id": "CSAFPID-1839846",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.61",
"product": {
"name": "vers:oracle/8.61",
"product_id": "CSAFPID-1839845",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.62",
"product": {
"name": "vers:oracle/8.62",
"product_id": "CSAFPID-2698962",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.62:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "PeopleSoft Enterprise PeopleTools"
}
],
"category": "product_family",
"name": "Oracle PeopleSoft"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.60",
"product": {
"name": "vers:unknown/8.60",
"product_id": "CSAFPID-1211190"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.61",
"product": {
"name": "vers:unknown/8.61",
"product_id": "CSAFPID-1211862"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.62",
"product": {
"name": "vers:unknown/8.62",
"product_id": "CSAFPID-2698378"
}
}
],
"category": "product_name",
"name": "Peoplesoft Enterprise Peopletools"
}
],
"category": "product_family",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.60",
"product": {
"name": "vers:unknown/8.60",
"product_id": "CSAFPID-2115767"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.61",
"product": {
"name": "vers:unknown/8.61",
"product_id": "CSAFPID-2136023"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.62",
"product": {
"name": "vers:unknown/8.62",
"product_id": "CSAFPID-2726823"
}
}
],
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/9.2",
"product": {
"name": "vers:semver/9.2",
"product_id": "CSAFPID-2698650"
}
}
],
"category": "product_name",
"name": "PeopleSoft Enterprise CC Common Application Objects"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/9.2",
"product": {
"name": "vers:semver/9.2",
"product_id": "CSAFPID-2698644"
}
}
],
"category": "product_name",
"name": "PeopleSoft Enterprise HCM Talent Acquisition Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/8.60",
"product": {
"name": "vers:semver/8.60",
"product_id": "CSAFPID-2698490"
}
},
{
"category": "product_version_range",
"name": "vers:semver/8.61",
"product": {
"name": "vers:semver/8.61",
"product_id": "CSAFPID-2698491"
}
},
{
"category": "product_version_range",
"name": "vers:semver/8.62",
"product": {
"name": "vers:semver/8.62",
"product_id": "CSAFPID-2698492"
}
}
],
"category": "product_name",
"name": "PeopleSoft Enterprise PeopleTools"
}
],
"category": "vendor",
"name": "Oracle Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1844416",
"CSAFPID-1844415",
"CSAFPID-2726967",
"CSAFPID-1844417",
"CSAFPID-1840087",
"CSAFPID-2699168",
"CSAFPID-1839846",
"CSAFPID-1839845",
"CSAFPID-2698962",
"CSAFPID-1211190",
"CSAFPID-1211862",
"CSAFPID-2698378",
"CSAFPID-2115767",
"CSAFPID-2136023",
"CSAFPID-2726823",
"CSAFPID-2698650",
"CSAFPID-2698644",
"CSAFPID-2698490",
"CSAFPID-2698491",
"CSAFPID-2698492"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1844416",
"CSAFPID-1844415",
"CSAFPID-2726967",
"CSAFPID-1844417",
"CSAFPID-1840087",
"CSAFPID-2699168",
"CSAFPID-1839846",
"CSAFPID-1839845",
"CSAFPID-2698962",
"CSAFPID-1211190",
"CSAFPID-1211862",
"CSAFPID-2698378",
"CSAFPID-2115767",
"CSAFPID-2136023",
"CSAFPID-2726823",
"CSAFPID-2698650",
"CSAFPID-2698644",
"CSAFPID-2698490",
"CSAFPID-2698491",
"CSAFPID-2698492"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2025-30697",
"product_status": {
"known_affected": [
"CSAFPID-1844416",
"CSAFPID-1844415",
"CSAFPID-2726967",
"CSAFPID-1844417",
"CSAFPID-1840087",
"CSAFPID-2699168",
"CSAFPID-1839846",
"CSAFPID-1839845",
"CSAFPID-2698962",
"CSAFPID-1211190",
"CSAFPID-1211862",
"CSAFPID-2698378",
"CSAFPID-2115767",
"CSAFPID-2136023",
"CSAFPID-2726823",
"CSAFPID-2698650",
"CSAFPID-2698644",
"CSAFPID-2698490",
"CSAFPID-2698491",
"CSAFPID-2698492"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30697",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30697.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1844416",
"CSAFPID-1844415",
"CSAFPID-2726967",
"CSAFPID-1844417",
"CSAFPID-1840087",
"CSAFPID-2699168",
"CSAFPID-1839846",
"CSAFPID-1839845",
"CSAFPID-2698962",
"CSAFPID-1211190",
"CSAFPID-1211862",
"CSAFPID-2698378",
"CSAFPID-2115767",
"CSAFPID-2136023",
"CSAFPID-2726823",
"CSAFPID-2698650",
"CSAFPID-2698644",
"CSAFPID-2698490",
"CSAFPID-2698491",
"CSAFPID-2698492"
]
}
],
"title": "CVE-2025-30697"
},
{
"cve": "CVE-2025-30713",
"product_status": {
"known_affected": [
"CSAFPID-1844416",
"CSAFPID-1844415",
"CSAFPID-2726967",
"CSAFPID-1844417",
"CSAFPID-1840087",
"CSAFPID-2699168",
"CSAFPID-1839846",
"CSAFPID-1839845",
"CSAFPID-2698962",
"CSAFPID-1211190",
"CSAFPID-1211862",
"CSAFPID-2698378",
"CSAFPID-2115767",
"CSAFPID-2136023",
"CSAFPID-2726823",
"CSAFPID-2698650",
"CSAFPID-2698644",
"CSAFPID-2698490",
"CSAFPID-2698491",
"CSAFPID-2698492"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30713",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30713.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1844416",
"CSAFPID-1844415",
"CSAFPID-2726967",
"CSAFPID-1844417",
"CSAFPID-1840087",
"CSAFPID-2699168",
"CSAFPID-1839846",
"CSAFPID-1839845",
"CSAFPID-2698962",
"CSAFPID-1211190",
"CSAFPID-1211862",
"CSAFPID-2698378",
"CSAFPID-2115767",
"CSAFPID-2136023",
"CSAFPID-2726823",
"CSAFPID-2698650",
"CSAFPID-2698644",
"CSAFPID-2698490",
"CSAFPID-2698491",
"CSAFPID-2698492"
]
}
],
"title": "CVE-2025-30713"
},
{
"cve": "CVE-2025-30735",
"product_status": {
"known_affected": [
"CSAFPID-1844416",
"CSAFPID-1844415",
"CSAFPID-2726967",
"CSAFPID-1844417",
"CSAFPID-1840087",
"CSAFPID-2699168",
"CSAFPID-1839846",
"CSAFPID-1839845",
"CSAFPID-2698962",
"CSAFPID-1211190",
"CSAFPID-1211862",
"CSAFPID-2698378",
"CSAFPID-2115767",
"CSAFPID-2136023",
"CSAFPID-2726823",
"CSAFPID-2698650",
"CSAFPID-2698644",
"CSAFPID-2698490",
"CSAFPID-2698491",
"CSAFPID-2698492"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30735",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30735.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1844416",
"CSAFPID-1844415",
"CSAFPID-2726967",
"CSAFPID-1844417",
"CSAFPID-1840087",
"CSAFPID-2699168",
"CSAFPID-1839846",
"CSAFPID-1839845",
"CSAFPID-2698962",
"CSAFPID-1211190",
"CSAFPID-1211862",
"CSAFPID-2698378",
"CSAFPID-2115767",
"CSAFPID-2136023",
"CSAFPID-2726823",
"CSAFPID-2698650",
"CSAFPID-2698644",
"CSAFPID-2698490",
"CSAFPID-2698491",
"CSAFPID-2698492"
]
}
],
"title": "CVE-2025-30735"
}
]
}
ncsc-2024-0466
Vulnerability from csaf_ncscnl
Published
2024-12-06 13:05
Modified
2024-12-06 13:05
Summary
Kwetsbaarheden verholpen in Atlassian producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.
Interpretaties
De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.
Voor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.
Oplossingen
Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-755
Improper Handling of Exceptional Conditions
CWE-347
Improper Verification of Cryptographic Signature
CWE-1050
Excessive Platform Resource Consumption within a Loop
CWE-23
Relative Path Traversal
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.\nVoor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Excessive Platform Resource Consumption within a Loop",
"title": "CWE-1050"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - certbundde",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
}
],
"title": "Kwetsbaarheden verholpen in Atlassian producten",
"tracking": {
"current_release_date": "2024-12-06T13:05:55.904619Z",
"id": "NCSC-2024-0466",
"initial_release_date": "2024-12-06T13:05:55.904619Z",
"revision_history": [
{
"date": "2024-12-06T13:05:55.904619Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "atlassian_bamboo__10.0.0",
"product": {
"name": "atlassian_bamboo__10.0.0",
"product_id": "CSAFPID-1645374",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__10.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bamboo__9.2.17",
"product": {
"name": "atlassian_bamboo__9.2.17",
"product_id": "CSAFPID-1621163",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.2.17:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bamboo__9.6.4",
"product": {
"name": "atlassian_bamboo__9.6.4",
"product_id": "CSAFPID-1645371",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.6.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__8.19.9",
"product": {
"name": "atlassian_bitbucket__8.19.9",
"product_id": "CSAFPID-1645370",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.19.9:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__8.9.19",
"product": {
"name": "atlassian_bitbucket__8.9.19",
"product_id": "CSAFPID-1645373",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.9.19:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__9.0.0",
"product": {
"name": "atlassian_bitbucket__9.0.0",
"product_id": "CSAFPID-1645372",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__9.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__7.19.26",
"product": {
"name": "atlassian_confluence__7.19.26",
"product_id": "CSAFPID-1621160",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__7.19.26__lts_",
"product": {
"name": "atlassian_confluence__7.19.26__lts_",
"product_id": "CSAFPID-1621135",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.5.12",
"product": {
"name": "atlassian_confluence__8.5.12",
"product_id": "CSAFPID-1645510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.12:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.5.14__lts_",
"product": {
"name": "atlassian_confluence__8.5.14__lts_",
"product_id": "CSAFPID-1621133",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.14__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.9.4",
"product": {
"name": "atlassian_confluence__8.9.4",
"product_id": "CSAFPID-1645509",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.9.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__9.0.1",
"product": {
"name": "atlassian_confluence__9.0.1",
"product_id": "CSAFPID-1621161",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__9.0.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence_data_center__9.0.1",
"product": {
"name": "atlassian_confluence_data_center__9.0.1",
"product_id": "CSAFPID-1621140",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence_data_center__9.0.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software__9.12.12__lts_",
"product": {
"name": "atlassian_jira_software__9.12.12__lts_",
"product_id": "CSAFPID-1621142",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.12.12__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software__9.4.25__lts_",
"product": {
"name": "atlassian_jira_software__9.4.25__lts_",
"product_id": "CSAFPID-1621143",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.4.25__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_data_center__9.17.1",
"product": {
"name": "atlassian_jira_software_data_center__9.17.1",
"product_id": "CSAFPID-1621141",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_data_center__9.17.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management__5.12.12__lts_",
"product": {
"name": "atlassian_jira_software_service_management__5.12.12__lts_",
"product_id": "CSAFPID-1621138",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.12.12__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management__5.4.25__lts_",
"product": {
"name": "atlassian_jira_software_service_management__5.4.25__lts_",
"product_id": "CSAFPID-1621139",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.4.25__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management_data_center__5.17.1",
"product": {
"name": "atlassian_jira_software_service_management_data_center__5.17.1",
"product_id": "CSAFPID-1621137",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management_data_center__5.17.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bamboo",
"product": {
"name": "bamboo",
"product_id": "CSAFPID-716889",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bitbucket",
"product": {
"name": "bitbucket",
"product_id": "CSAFPID-1725084",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:bitbucket:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "confluence",
"product": {
"name": "confluence",
"product_id": "CSAFPID-551338",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jira_software",
"product": {
"name": "jira_software",
"product_id": "CSAFPID-1725085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:jira_software:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1724900",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1725556",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:macos:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1725557",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree_for_mac",
"product": {
"name": "sourcetree_for_mac",
"product_id": "CSAFPID-1724286",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree_for_mac:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree_for_windows",
"product": {
"name": "sourcetree_for_windows",
"product_id": "CSAFPID-1724287",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree_for_windows:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-38900",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38900.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-551338"
]
}
],
"title": "CVE-2022-38900"
},
{
"cve": "CVE-2023-46234",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46234",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46234.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-551338"
]
}
],
"title": "CVE-2023-46234"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338",
"CSAFPID-1725085",
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-551338",
"CSAFPID-1725085",
"CSAFPID-716889"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"notes": [
{
"category": "other",
"text": "Excessive Platform Resource Consumption within a Loop",
"title": "CWE-1050"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4068",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4068.json"
}
],
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-21697",
"product_status": {
"known_affected": [
"CSAFPID-1724286",
"CSAFPID-1724287",
"CSAFPID-1725556",
"CSAFPID-1725557"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21697",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21697.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-1724286",
"CSAFPID-1724287",
"CSAFPID-1725556",
"CSAFPID-1725557"
]
}
],
"title": "CVE-2024-21697"
},
{
"cve": "CVE-2024-24549",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1725084",
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1725084",
"CSAFPID-551338"
]
}
],
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1621160",
"CSAFPID-1621161",
"CSAFPID-1645509",
"CSAFPID-1645510",
"CSAFPID-551338",
"CSAFPID-1725084"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30172",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1621160",
"CSAFPID-1621161",
"CSAFPID-1645509",
"CSAFPID-1645510",
"CSAFPID-551338",
"CSAFPID-1725084"
]
}
],
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1621133",
"CSAFPID-1621135",
"CSAFPID-1621137",
"CSAFPID-1621138",
"CSAFPID-1621139",
"CSAFPID-1621140",
"CSAFPID-1621141",
"CSAFPID-1621142",
"CSAFPID-1621143",
"CSAFPID-1621163",
"CSAFPID-1645370",
"CSAFPID-1645371",
"CSAFPID-1645372",
"CSAFPID-1645373",
"CSAFPID-1645374"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1621133",
"CSAFPID-1621135",
"CSAFPID-1621137",
"CSAFPID-1621138",
"CSAFPID-1621139",
"CSAFPID-1621140",
"CSAFPID-1621141",
"CSAFPID-1621142",
"CSAFPID-1621143",
"CSAFPID-1621163",
"CSAFPID-1645370",
"CSAFPID-1645371",
"CSAFPID-1645372",
"CSAFPID-1645373",
"CSAFPID-1645374"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-38286",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-38286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38286.json"
}
],
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338",
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-551338",
"CSAFPID-716889"
]
}
],
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1725085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45801",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1725085"
]
}
],
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-716889"
]
}
],
"title": "CVE-2024-47561"
}
]
}
rhsa-2024_8826
Vulnerability from csaf_redhat
Published
2024-11-04 20:56
Modified
2024-12-27 14:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated
this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated\nthis update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8826",
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8826.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2024-12-27T14:18:50+00:00",
"generator": {
"date": "2024-12-27T14:18:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2024:8826",
"initial_release_date": "2024-11-04T20:56:02+00:00",
"revision_history": [
{
"date": "2024-11-04T20:56:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:56:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-27T14:18:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product_id": "Red Hat JBoss Enterprise Application Platform 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
RHSA-2024:8826
Vulnerability from csaf_redhat
Published
2024-11-04 20:56
Modified
2025-10-23 22:30
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated
this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated\nthis update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8826",
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8826.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2025-10-23T22:30:07+00:00",
"generator": {
"date": "2025-10-23T22:30:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:8826",
"initial_release_date": "2024-11-04T20:56:02+00:00",
"revision_history": [
{
"date": "2024-11-04T20:56:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:56:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-23T22:30:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product_id": "Red Hat JBoss Enterprise Application Platform 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform limits access to external systems and enforces strict network security boundaries through a deny-all, allow-exception system implementation. This ensures that access to external websites and systems is strictly controlled, monitored, and, if necessary, restricted. By enforcing policies on which external sites or domains users and applications can interact with, this control minimizes the risk of users being redirected to malicious websites. For example, organizations may implement allowlists of approved URLs or domains, blocking any redirections to untrusted or unauthorized sites. The platform\u0027s implementation of boundary protection includes firewalls, gateways, and intrusion detection/prevention systems. This control prevents unauthorized traffic, including malicious redirect requests, from entering or leaving the internal network. The boundary protection control can enforce URL filtering, domain allowlisting, and content inspection to block redirection attempts to known malicious domains. When configured properly, boundary protection mechanisms ensure that even if an open redirect vulnerability is exploited, the impact is limited by blocking access to harmful external sites.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
rhsa-2024_8064
Vulnerability from csaf_redhat
Published
2024-10-14 15:53
Modified
2024-12-19 14:59
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.
Notes
Topic
Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)
* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)\n\n* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8064",
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "external",
"summary": "2312060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
},
{
"category": "external",
"summary": "2314495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495"
},
{
"category": "external",
"summary": "2316116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8064.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.",
"tracking": {
"current_release_date": "2024-12-19T14:59:15+00:00",
"generator": {
"date": "2024-12-19T14:59:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:8064",
"initial_release_date": "2024-10-14T15:53:39+00:00",
"revision_history": [
{
"date": "2024-10-14T15:53:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T15:53:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-19T14:59:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
"product": {
"name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
"product_id": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-38809",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-24T20:00:28.839621+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2314495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Spring Web (org.springframework:spring-web) package. Due to improper ETag prefix validation when the application parses ETags from the `If-Match` or `If-None-Match` request headers, an attacker can trigger a denial of service by sending a maliciously crafted conditional HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38809"
},
{
"category": "external",
"summary": "RHBZ#2314495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809"
},
{
"category": "external",
"summary": "http://github.com/spring-projects/spring-framework",
"url": "http://github.com/spring-projects/spring-framework"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3",
"url": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533",
"url": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85",
"url": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/issues/33372",
"url": "https://github.com/spring-projects/spring-framework/issues/33372"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2024-38809",
"url": "https://spring.io/security/cve-2024-38809"
}
],
"release_date": "2024-09-24T18:34:43+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-09-13T06:20:08.422867+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312060"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring applications using the WebMvc.fn or WebFlux.fn frameworks. This issue can allow attackers to perform path traversal attacks via crafted HTTP requests when the application serves static resources using RouterFunctions and explicitly configures resource handling with a FileSystemResource location.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Path traversal vulnerabilities in applications that serve static resources via RouterFunctions and FileSystemResource pose a important security risk, as they allow attackers to bypass access controls and retrieve arbitrary files from the server\u0027s filesystem. This type of attack can lead to unauthorized exposure of sensitive data, such as configuration files, environment variables, or authentication credentials. If exploited, it can further facilitate privilege escalation, lateral movement, or remote code execution within the system. Given the broad access it grants to the server\u0027s filesystem, the potential for system compromise makes path traversal vulnerabilities a high-severity issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38816"
},
{
"category": "external",
"summary": "RHBZ#2312060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2024-38816",
"url": "https://spring.io/security/cve-2024-38816"
}
],
"release_date": "2024-09-13T06:15:11.190000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource"
},
{
"cve": "CVE-2024-45294",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2024-09-06T16:20:11.403869+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310447"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45294"
},
{
"category": "external",
"summary": "RHBZ#2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45294"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf"
}
],
"release_date": "2024-09-06T16:15:03.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2024-10-02T14:04:06.018000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316116"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47561"
},
{
"category": "external",
"summary": "RHBZ#2316116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561"
}
],
"release_date": "2024-10-03T12:20:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)"
}
]
}
rhsa-2024_8824
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2024-12-27 14:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8824",
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27248",
"url": "https://issues.redhat.com/browse/JBEAP-27248"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8824.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2024-12-27T14:18:28+00:00",
"generator": {
"date": "2024-12-27T14:18:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2024:8824",
"initial_release_date": "2024-11-04T20:13:24+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-27T14:18:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
rhsa-2024_8823
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2024-12-27 14:18
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8823",
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27247",
"url": "https://issues.redhat.com/browse/JBEAP-27247"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2024-12-27T14:18:39+00:00",
"generator": {
"date": "2024-12-27T14:18:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2024:8823",
"initial_release_date": "2024-11-04T20:13:37+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-27T14:18:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
rhsa-2024:8826
Vulnerability from csaf_redhat
Published
2024-11-04 20:56
Modified
2025-10-23 22:30
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated
this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated\nthis update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8826",
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8826.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2025-10-23T22:30:07+00:00",
"generator": {
"date": "2025-10-23T22:30:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:8826",
"initial_release_date": "2024-11-04T20:56:02+00:00",
"revision_history": [
{
"date": "2024-11-04T20:56:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:56:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-23T22:30:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product_id": "Red Hat JBoss Enterprise Application Platform 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform limits access to external systems and enforces strict network security boundaries through a deny-all, allow-exception system implementation. This ensures that access to external websites and systems is strictly controlled, monitored, and, if necessary, restricted. By enforcing policies on which external sites or domains users and applications can interact with, this control minimizes the risk of users being redirected to malicious websites. For example, organizations may implement allowlists of approved URLs or domains, blocking any redirections to untrusted or unauthorized sites. The platform\u0027s implementation of boundary protection includes firewalls, gateways, and intrusion detection/prevention systems. This control prevents unauthorized traffic, including malicious redirect requests, from entering or leaving the internal network. The boundary protection control can enforce URL filtering, domain allowlisting, and content inspection to block redirection attempts to known malicious domains. When configured properly, boundary protection mechanisms ensure that even if an open redirect vulnerability is exploited, the impact is limited by blocking access to harmful external sites.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
rhsa-2025:2416
Vulnerability from csaf_redhat
Published
2025-03-05 20:59
Modified
2025-10-24 13:21
Summary
Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update
Notes
Topic
Streams for Apache Kafka 2.9.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed
backbone that allows microservices and other applications to share data with
extremely high throughput and extremely low latency.
This release of Red Hat Streams for Apache Kafka 2.9.0 serves as a replacement for Red Hat Streams for Apache Kafka 2.8.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* Cruise Control:cio.netty:netty-common:4.1.115.Final-redhat [amq-st-2] "(CVE-2023-52428)"
* Cruise Control:com.nimbusds:nimbus-jose-jwt:9.37.2.redhat [amq-st-2] "(CVE-2024-47535)"
* Cruise Control:org.apache.kafka:kafka-clients:3.5.2.redhat+ [amq-st-2] "(CVE-2024-31141)"
* Cruise Control:io:commons-io:2.15.1.redhat+ [amq-st-2] "(CVE-2024-47554)"
* Cruise Control:org.eclipse.jetty:jetty-server:9.4.56.v20240826-redhat+ [amq-st-2] "(CVE-2024-8184)"
* Cruise Control:org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] "(CVE-2024-8184)"
* Kafka Exporter:golang-github-danielqsj-kafka_exporter: Golang FIPS zeroed buffer [amq-st-2] "(CVE-2024-9355)"
* Kafka Exporter:golang-github-danielqsj-kafka_exporter: net/http: Denial of service due to improper 100-continue handling in net/http [amq-st-2] "(CVE-2024-24791)"
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 2.9.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat Streams for Apache Kafka 2.9.0 serves as a replacement for Red Hat Streams for Apache Kafka 2.8.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Cruise Control:cio.netty:netty-common:4.1.115.Final-redhat [amq-st-2] \"(CVE-2023-52428)\"\n\n* Cruise Control:com.nimbusds:nimbus-jose-jwt:9.37.2.redhat [amq-st-2] \"(CVE-2024-47535)\"\n\n* Cruise Control:org.apache.kafka:kafka-clients:3.5.2.redhat+ [amq-st-2] \"(CVE-2024-31141)\"\n\n* Cruise Control:io:commons-io:2.15.1.redhat+ [amq-st-2] \"(CVE-2024-47554)\"\n\n* Cruise Control:org.eclipse.jetty:jetty-server:9.4.56.v20240826-redhat+ [amq-st-2] \"(CVE-2024-8184)\"\n\n* Cruise Control:org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] \"(CVE-2024-8184)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: Golang FIPS zeroed buffer [amq-st-2] \"(CVE-2024-9355)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: net/http: Denial of service due to improper 100-continue handling in net/http [amq-st-2] \"(CVE-2024-24791)\"",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:2416",
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2315719",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315719"
},
{
"category": "external",
"summary": "2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "2325538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325538"
},
{
"category": "external",
"summary": "2327264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327264"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2416.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update",
"tracking": {
"current_release_date": "2025-10-24T13:21:59+00:00",
"generator": {
"date": "2025-10-24T13:21:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:2416",
"initial_release_date": "2025-03-05T20:59:06+00:00",
"revision_history": [
{
"date": "2025-03-05T20:59:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-05T20:59:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-24T13:21:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 2.9.0",
"product": {
"name": "Streams for Apache Kafka 2.9.0",
"product_id": "Streams for Apache Kafka 2.9.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Streams for Apache Kafka"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-8184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:01.239238+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8184"
},
{
"category": "external",
"summary": "RHBZ#2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/pull/11723",
"url": "https://github.com/jetty/jetty.project/pull/11723"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
}
],
"release_date": "2024-10-14T15:09:37.861000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks"
},
{
"acknowledgments": [
{
"names": [
"David Benoit"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-9355",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"discovery_date": "2024-09-30T17:51:17.811000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2315719"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.\u00a0 It is also possible to force a derived key to be all zeros instead of an unpredictable value.\u00a0 This may have follow-on implications for the Go TLS stack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-fips: Golang FIPS zeroed buffer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is specific to the Go language and only affects the test code in cri-o and conmon, not the production code. Since both projects use Go exclusively for testing purposes, this issue does not impact their production environment. Therefore, cri-o and conmon are not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-9355"
},
{
"category": "external",
"summary": "RHBZ#2315719",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315719"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-9355",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-9355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9355"
},
{
"category": "external",
"summary": "https://github.com/golang-fips/openssl/pull/198",
"url": "https://github.com/golang-fips/openssl/pull/198"
}
],
"release_date": "2024-09-30T20:53:42.833000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-fips: Golang FIPS zeroed buffer"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Denial of service due to improper 100-continue handling in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker\u0027s control. This reduces the severity score of this flaw to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-20: Improper Input Validation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. This minimizes the number of components that could be affected by input validation vulnerabilities. Security testing and evaluation standards are implemented within the environment to rigorously test input validation mechanisms during the development lifecycle, while static code analysis identifies potential input validation vulnerabilities by default. Process isolation ensures that processes handling potentially malicious or unvalidated inputs run in isolated environments by separating execution domains for each process. Malicious code protections, such as IPS/IDS and antimalware solutions, help detect and mitigate malicious payloads stemming from input validation vulnerabilities. Finally, robust input validation and error-handling mechanisms ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks further.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24791"
},
{
"category": "external",
"summary": "RHBZ#2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791"
},
{
"category": "external",
"summary": "https://go.dev/cl/591255",
"url": "https://go.dev/cl/591255"
},
{
"category": "external",
"summary": "https://go.dev/issue/67555",
"url": "https://go.dev/issue/67555"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ",
"url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Denial of service due to improper 100-continue handling in net/http"
},
{
"cve": "CVE-2024-31141",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2024-11-19T09:00:35.857468+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2327264"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations, which include the ability to read from disk or environment variables. In applications where an untrusted party can specify Apache Kafka Clients configurations, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-269: Improper Privilege Management or CWE-552: Files or Directories Accessible to External Parties vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces strict Role-Based Access Control (RBAC), network segmentation, and pod security policies that significantly limit external access pathways. Access to the platform is granted only after successful hard token, multi-factor authentication (MFA), which is coupled with least privilege principles to ensure that only authorized roles and users can execute or manipulate code. Additionally, process isolation ensures that processes running in one container or namespace cannot access files or directories belonging to another, even if file permissions are misconfigured.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-31141"
},
{
"category": "external",
"summary": "RHBZ#2327264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327264"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-31141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31141"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv",
"url": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv"
}
],
"release_date": "2024-11-19T08:40:50.695000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider"
},
{
"cve": "CVE-2024-47535",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-11-12T16:01:18.772613+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2325538"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Denial of Service attack on windows app using Netty",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47535"
},
{
"category": "external",
"summary": "RHBZ#2325538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325538"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47535",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47535"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3",
"url": "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv"
}
],
"release_date": "2024-11-12T15:50:08.334000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: Denial of Service attack on windows app using Netty"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-03T12:00:40.921058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316271"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47554"
},
{
"category": "external",
"summary": "RHBZ#2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1",
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
}
],
"release_date": "2024-10-03T11:32:48.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader"
}
]
}
RHSA-2024:6883
Vulnerability from csaf_redhat
Published
2024-09-19 16:46
Modified
2025-10-29 12:12
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.7 for Spring Boot security update.
Notes
Topic
Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)
* undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket (CVE-2024-5971)
* undertow: Improper State Management in Proxy Protocol parsing causes information leakage (CVE-2024-7885)
* org.apache.cxf/cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter (CVE-2024-29736)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE (CVE-2024-32007)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)\n\n* undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket (CVE-2024-5971)\n\n* undertow: Improper State Management in Proxy Protocol parsing causes information leakage (CVE-2024-7885)\n\n* org.apache.cxf/cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter (CVE-2024-29736)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE (CVE-2024-32007)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6883",
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2292211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292211"
},
{
"category": "external",
"summary": "2298827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298827"
},
{
"category": "external",
"summary": "2298828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298828"
},
{
"category": "external",
"summary": "2305290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305290"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6883.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.7 for Spring Boot security update.",
"tracking": {
"current_release_date": "2025-10-29T12:12:16+00:00",
"generator": {
"date": "2025-10-29T12:12:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2024:6883",
"initial_release_date": "2024-09-19T16:46:46+00:00",
"revision_history": [
{
"date": "2024-09-19T16:46:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-19T16:46:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-29T12:12:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Apache Camel 3.20.7 for Spring Boot",
"product": {
"name": "Red Hat build of Apache Camel 3.20.7 for Spring Boot",
"product_id": "Red Hat build of Apache Camel 3.20.7 for Spring Boot",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_spring_boot:3.20.7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-5971",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292211"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\\r\\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in Undertow, where chunked responses fail to terminate properly under Java 17 with TLSv1.3, represents a significant security concern due to its potential for uncontrolled resource consumption and denial of service (DoS) attacks. This issue arises from Undertow\u0027s mishandling of chunked response termination after initial data flushing, leading to clients waiting indefinitely for completion signals that are not sent. Such behavior could be exploited by malicious actors to exhaust server resources, resulting in service degradation or unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5971"
},
{
"category": "external",
"summary": "RHBZ#2292211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292211"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5971"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5971",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5971"
}
],
"release_date": "2024-07-08T20:46:55+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket"
},
{
"acknowledgments": [
{
"names": [
"BfC"
]
}
],
"cve": "CVE-2024-7885",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-08-16T09:00:41.686000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305290"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Improper State Management in Proxy Protocol parsing causes information leakage",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat decided to rate this vulnerability as Important because of the potential loss of Availability and no additional privileges being required.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7885"
},
{
"category": "external",
"summary": "RHBZ#2305290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305290"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7885"
}
],
"release_date": "2024-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Improper State Management in Proxy Protocol parsing causes information leakage"
},
{
"cve": "CVE-2024-29736",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-07-19T09:20:09+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298827"
}
],
"notes": [
{
"category": "description",
"text": "A Server-side request forgery (SSRF) vulnerability has been identified in Apache CXF in the WADL service description. The flaw allows an attacker to perform SSRF-style attacks on REST web services. The attack only applies if a custom stylesheet parameter is configured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This SSRF vulnerability in Apache CXF\u0027s WADL service description is of significant severity because it allows an attacker to manipulate server-side requests, potentially leading to unauthorized access to internal resources. By exploiting this flaw, an attacker can craft malicious requests that bypass traditional security controls, enabling the server to communicate with internal systems, which may include databases, cloud services, or other sensitive infrastructure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29736"
},
{
"category": "external",
"summary": "RHBZ#2298827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298827"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-5m3j-pxh7-455p",
"url": "https://github.com/advisories/GHSA-5m3j-pxh7-455p"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2",
"url": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p",
"url": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter"
},
{
"cve": "CVE-2024-32007",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298828"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation vulnerability was found in the p2c parameter in the Apache CXF JOSE. This flaw allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The improper input validation vulnerability in the p2c parameter of Apache CXF JOSE is considered a moderate severity issue rather than a important one due to its limited scope and impact. While the flaw allows an attacker to specify a large value for the p2c parameter, leading to potential denial of service (DoS) attacks by causing excessive computational overhead, it does not compromise data integrity, confidentiality, or authentication mechanisms directly. The attack vector primarily affects system availability and exploiting this vulnerability requires the ability to send crafted tokens.\n\nBase EAP (7.4 and 8) and EAP XP (4 and 5) do not ship this affected CXF jaxrs artifact. cxf-rt-rs-security-jose is part of CXF\u0027s JAX-RS, and EAP uses RESTEasy, hence it\u0027s not-affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32007"
},
{
"category": "external",
"summary": "RHBZ#2298828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298828"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32007"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf",
"url": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633",
"url": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE"
},
{
"cve": "CVE-2024-45294",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2024-09-06T16:20:11.403869+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310447"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45294"
},
{
"category": "external",
"summary": "RHBZ#2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45294"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf"
}
],
"release_date": "2024-09-06T16:15:03.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`"
}
]
}
RHSA-2024:8823
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2025-10-23 22:30
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8823",
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27247",
"url": "https://issues.redhat.com/browse/JBEAP-27247"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2025-10-23T22:30:07+00:00",
"generator": {
"date": "2025-10-23T22:30:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:8823",
"initial_release_date": "2024-11-04T20:13:37+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-23T22:30:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform limits access to external systems and enforces strict network security boundaries through a deny-all, allow-exception system implementation. This ensures that access to external websites and systems is strictly controlled, monitored, and, if necessary, restricted. By enforcing policies on which external sites or domains users and applications can interact with, this control minimizes the risk of users being redirected to malicious websites. For example, organizations may implement allowlists of approved URLs or domains, blocking any redirections to untrusted or unauthorized sites. The platform\u0027s implementation of boundary protection includes firewalls, gateways, and intrusion detection/prevention systems. This control prevents unauthorized traffic, including malicious redirect requests, from entering or leaving the internal network. The boundary protection control can enforce URL filtering, domain allowlisting, and content inspection to block redirection attempts to known malicious domains. When configured properly, boundary protection mechanisms ensure that even if an open redirect vulnerability is exploited, the impact is limited by blocking access to harmful external sites.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
rhsa-2024:8824
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2025-10-23 22:30
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8824",
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27248",
"url": "https://issues.redhat.com/browse/JBEAP-27248"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8824.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2025-10-23T22:30:07+00:00",
"generator": {
"date": "2025-10-23T22:30:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:8824",
"initial_release_date": "2024-11-04T20:13:24+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-23T22:30:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform limits access to external systems and enforces strict network security boundaries through a deny-all, allow-exception system implementation. This ensures that access to external websites and systems is strictly controlled, monitored, and, if necessary, restricted. By enforcing policies on which external sites or domains users and applications can interact with, this control minimizes the risk of users being redirected to malicious websites. For example, organizations may implement allowlists of approved URLs or domains, blocking any redirections to untrusted or unauthorized sites. The platform\u0027s implementation of boundary protection includes firewalls, gateways, and intrusion detection/prevention systems. This control prevents unauthorized traffic, including malicious redirect requests, from entering or leaving the internal network. The boundary protection control can enforce URL filtering, domain allowlisting, and content inspection to block redirection attempts to known malicious domains. When configured properly, boundary protection mechanisms ensure that even if an open redirect vulnerability is exploited, the impact is limited by blocking access to harmful external sites.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
RHSA-2024:8064
Vulnerability from csaf_redhat
Published
2024-10-14 15:53
Modified
2025-10-29 04:28
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.
Notes
Topic
Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)
* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)\n\n* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8064",
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "external",
"summary": "2312060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
},
{
"category": "external",
"summary": "2314495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495"
},
{
"category": "external",
"summary": "2316116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8064.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.",
"tracking": {
"current_release_date": "2025-10-29T04:28:00+00:00",
"generator": {
"date": "2025-10-29T04:28:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2024:8064",
"initial_release_date": "2024-10-14T15:53:39+00:00",
"revision_history": [
{
"date": "2024-10-14T15:53:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T15:53:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-29T04:28:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
"product": {
"name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
"product_id": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-09-19T01:20:29.981665+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313454"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf: StackOverflow vulnerability in Protocol Buffers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue represents a significant severity risk because unbounded recursion in Protocol Buffers parsing can be exploited to trigger stack overflows, leading to Denial of Service (DoS). When parsers, such as `DiscardUnknownFieldsParser` or the Java Protobuf Lite parser, encounter arbitrarily nested groups or deeply recursive map fields, the lack of recursion depth limits can result in uncontrolled stack growth. Attackers can craft malicious protobuf messages that deliberately exceed the stack\u0027s capacity, causing the application to crash or become unresponsive.\n\nThe protobuf package as shipped in RHEL does not include the affected java or kotlin bindings, therefore RHEL is Not Affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7254"
},
{
"category": "external",
"summary": "RHBZ#2313454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa",
"url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa"
}
],
"release_date": "2024-09-19T01:15:10.963000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "protobuf: StackOverflow vulnerability in Protocol Buffers"
},
{
"cve": "CVE-2024-38809",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-24T20:00:28.839621+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2314495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Spring Web (org.springframework:spring-web) package. Due to improper ETag prefix validation when the application parses ETags from the `If-Match` or `If-None-Match` request headers, an attacker can trigger a denial of service by sending a maliciously crafted conditional HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38809"
},
{
"category": "external",
"summary": "RHBZ#2314495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809"
},
{
"category": "external",
"summary": "http://github.com/spring-projects/spring-framework",
"url": "http://github.com/spring-projects/spring-framework"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3",
"url": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533",
"url": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85",
"url": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/issues/33372",
"url": "https://github.com/spring-projects/spring-framework/issues/33372"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2024-38809",
"url": "https://spring.io/security/cve-2024-38809"
}
],
"release_date": "2024-09-24T18:34:43+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-09-13T06:20:08.422867+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312060"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring applications using the WebMvc.fn or WebFlux.fn frameworks. This issue can allow attackers to perform path traversal attacks via crafted HTTP requests when the application serves static resources using RouterFunctions and explicitly configures resource handling with a FileSystemResource location.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Path traversal vulnerabilities in applications that serve static resources via RouterFunctions and FileSystemResource pose a important security risk, as they allow attackers to bypass access controls and retrieve arbitrary files from the server\u0027s filesystem. This type of attack can lead to unauthorized exposure of sensitive data, such as configuration files, environment variables, or authentication credentials. If exploited, it can further facilitate privilege escalation, lateral movement, or remote code execution within the system. Given the broad access it grants to the server\u0027s filesystem, the potential for system compromise makes path traversal vulnerabilities a high-severity issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38816"
},
{
"category": "external",
"summary": "RHBZ#2312060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2024-38816",
"url": "https://spring.io/security/cve-2024-38816"
}
],
"release_date": "2024-09-13T06:15:11.190000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource"
},
{
"cve": "CVE-2024-45294",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2024-09-06T16:20:11.403869+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310447"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45294"
},
{
"category": "external",
"summary": "RHBZ#2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45294"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf"
}
],
"release_date": "2024-09-06T16:15:03.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2024-10-02T14:04:06.018000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316116"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47561"
},
{
"category": "external",
"summary": "RHBZ#2316116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561"
}
],
"release_date": "2024-10-03T12:20:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)"
}
]
}
rhsa-2024_6883
Vulnerability from csaf_redhat
Published
2024-09-19 16:46
Modified
2024-12-12 21:44
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.7 for Spring Boot security update.
Notes
Topic
Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)
* undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket (CVE-2024-5971)
* undertow: Improper State Management in Proxy Protocol parsing causes information leakage (CVE-2024-7885)
* org.apache.cxf/cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter (CVE-2024-29736)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE (CVE-2024-32007)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)\n\n* undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket (CVE-2024-5971)\n\n* undertow: Improper State Management in Proxy Protocol parsing causes information leakage (CVE-2024-7885)\n\n* org.apache.cxf/cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter (CVE-2024-29736)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE (CVE-2024-32007)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6883",
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2292211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292211"
},
{
"category": "external",
"summary": "2298827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298827"
},
{
"category": "external",
"summary": "2298828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298828"
},
{
"category": "external",
"summary": "2305290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305290"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6883.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.7 for Spring Boot security update.",
"tracking": {
"current_release_date": "2024-12-12T21:44:58+00:00",
"generator": {
"date": "2024-12-12T21:44:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:6883",
"initial_release_date": "2024-09-19T16:46:46+00:00",
"revision_history": [
{
"date": "2024-09-19T16:46:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-19T16:46:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-12T21:44:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Apache Camel 3.20.7 for Spring Boot",
"product": {
"name": "Red Hat build of Apache Camel 3.20.7 for Spring Boot",
"product_id": "Red Hat build of Apache Camel 3.20.7 for Spring Boot",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_spring_boot:3.20.7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-5971",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292211"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\\r\\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in Undertow, where chunked responses fail to terminate properly under Java 17 with TLSv1.3, represents a significant security concern due to its potential for uncontrolled resource consumption and denial of service (DoS) attacks. This issue arises from Undertow\u0027s mishandling of chunked response termination after initial data flushing, leading to clients waiting indefinitely for completion signals that are not sent. Such behavior could be exploited by malicious actors to exhaust server resources, resulting in service degradation or unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5971"
},
{
"category": "external",
"summary": "RHBZ#2292211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292211"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5971"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5971",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5971"
}
],
"release_date": "2024-07-08T20:46:55+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket"
},
{
"acknowledgments": [
{
"names": [
"BfC"
]
}
],
"cve": "CVE-2024-7885",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-08-16T09:00:41.686000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305290"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Improper State Management in Proxy Protocol parsing causes information leakage",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat decided to rate this vulnerability as Important because of the potential loss of Availability and no additional privileges being required.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7885"
},
{
"category": "external",
"summary": "RHBZ#2305290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305290"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7885"
}
],
"release_date": "2024-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Improper State Management in Proxy Protocol parsing causes information leakage"
},
{
"cve": "CVE-2024-29736",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-07-19T09:20:09+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298827"
}
],
"notes": [
{
"category": "description",
"text": "A Server-side request forgery (SSRF) vulnerability was found in Apache CXF in the WADL service description. The flaw allows an attacker to perform SSRF-style attacks on REST web services. The attack only applies if a custom stylesheet parameter is configured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This SSRF vulnerability in Apache CXF\u0027s WADL service description is of significant severity because it allows an attacker to manipulate server-side requests, potentially leading to unauthorized access to internal resources. By exploiting this flaw, an attacker can craft malicious requests that bypass traditional security controls, enabling the server to communicate with internal systems, which may include databases, cloud services, or other sensitive infrastructure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29736"
},
{
"category": "external",
"summary": "RHBZ#2298827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298827"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-5m3j-pxh7-455p",
"url": "https://github.com/advisories/GHSA-5m3j-pxh7-455p"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2",
"url": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p",
"url": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter"
},
{
"cve": "CVE-2024-32007",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298828"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation vulnerability was found in the p2c parameter in the Apache CXF JOSE. This flaw allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The improper input validation vulnerability in the p2c parameter of Apache CXF JOSE is considered a moderate severity issue rather than a important one due to its limited scope and impact. While the flaw allows an attacker to specify a large value for the p2c parameter, leading to potential denial of service (DoS) attacks by causing excessive computational overhead, it does not compromise data integrity, confidentiality, or authentication mechanisms directly. The attack vector primarily affects system availability and exploiting this vulnerability requires the ability to send crafted tokens.\n\nBase EAP (7.4 and 8) and EAP XP (4 and 5) do not ship this affected CXF jaxrs artifact. cxf-rt-rs-security-jose is part of CXF\u0027s JAX-RS, and EAP uses RESTEasy, hence it\u0027s not-affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32007"
},
{
"category": "external",
"summary": "RHBZ#2298828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298828"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32007"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf",
"url": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633",
"url": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE"
},
{
"cve": "CVE-2024-45294",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2024-09-06T16:20:11.403869+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310447"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45294"
},
{
"category": "external",
"summary": "RHBZ#2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45294"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf"
}
],
"release_date": "2024-09-06T16:15:03.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`"
}
]
}
rhsa-2024:8064
Vulnerability from csaf_redhat
Published
2024-10-14 15:53
Modified
2025-10-29 04:28
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.
Notes
Topic
Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)
* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)\n\n* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8064",
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "external",
"summary": "2312060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
},
{
"category": "external",
"summary": "2314495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495"
},
{
"category": "external",
"summary": "2316116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8064.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.",
"tracking": {
"current_release_date": "2025-10-29T04:28:00+00:00",
"generator": {
"date": "2025-10-29T04:28:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2024:8064",
"initial_release_date": "2024-10-14T15:53:39+00:00",
"revision_history": [
{
"date": "2024-10-14T15:53:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T15:53:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-29T04:28:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
"product": {
"name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
"product_id": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-09-19T01:20:29.981665+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313454"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf: StackOverflow vulnerability in Protocol Buffers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue represents a significant severity risk because unbounded recursion in Protocol Buffers parsing can be exploited to trigger stack overflows, leading to Denial of Service (DoS). When parsers, such as `DiscardUnknownFieldsParser` or the Java Protobuf Lite parser, encounter arbitrarily nested groups or deeply recursive map fields, the lack of recursion depth limits can result in uncontrolled stack growth. Attackers can craft malicious protobuf messages that deliberately exceed the stack\u0027s capacity, causing the application to crash or become unresponsive.\n\nThe protobuf package as shipped in RHEL does not include the affected java or kotlin bindings, therefore RHEL is Not Affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7254"
},
{
"category": "external",
"summary": "RHBZ#2313454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa",
"url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa"
}
],
"release_date": "2024-09-19T01:15:10.963000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "protobuf: StackOverflow vulnerability in Protocol Buffers"
},
{
"cve": "CVE-2024-38809",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-24T20:00:28.839621+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2314495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Spring Web (org.springframework:spring-web) package. Due to improper ETag prefix validation when the application parses ETags from the `If-Match` or `If-None-Match` request headers, an attacker can trigger a denial of service by sending a maliciously crafted conditional HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38809"
},
{
"category": "external",
"summary": "RHBZ#2314495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809"
},
{
"category": "external",
"summary": "http://github.com/spring-projects/spring-framework",
"url": "http://github.com/spring-projects/spring-framework"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3",
"url": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533",
"url": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85",
"url": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/issues/33372",
"url": "https://github.com/spring-projects/spring-framework/issues/33372"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2024-38809",
"url": "https://spring.io/security/cve-2024-38809"
}
],
"release_date": "2024-09-24T18:34:43+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-09-13T06:20:08.422867+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312060"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring applications using the WebMvc.fn or WebFlux.fn frameworks. This issue can allow attackers to perform path traversal attacks via crafted HTTP requests when the application serves static resources using RouterFunctions and explicitly configures resource handling with a FileSystemResource location.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Path traversal vulnerabilities in applications that serve static resources via RouterFunctions and FileSystemResource pose a important security risk, as they allow attackers to bypass access controls and retrieve arbitrary files from the server\u0027s filesystem. This type of attack can lead to unauthorized exposure of sensitive data, such as configuration files, environment variables, or authentication credentials. If exploited, it can further facilitate privilege escalation, lateral movement, or remote code execution within the system. Given the broad access it grants to the server\u0027s filesystem, the potential for system compromise makes path traversal vulnerabilities a high-severity issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38816"
},
{
"category": "external",
"summary": "RHBZ#2312060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2024-38816",
"url": "https://spring.io/security/cve-2024-38816"
}
],
"release_date": "2024-09-13T06:15:11.190000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource"
},
{
"cve": "CVE-2024-45294",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2024-09-06T16:20:11.403869+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310447"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45294"
},
{
"category": "external",
"summary": "RHBZ#2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45294"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf"
}
],
"release_date": "2024-09-06T16:15:03.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2024-10-02T14:04:06.018000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316116"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47561"
},
{
"category": "external",
"summary": "RHBZ#2316116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561"
}
],
"release_date": "2024-10-03T12:20:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T15:53:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "workaround",
"details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.",
"product_ids": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.4.3 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)"
}
]
}
rhsa-2024:6883
Vulnerability from csaf_redhat
Published
2024-09-19 16:46
Modified
2025-10-29 12:12
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.7 for Spring Boot security update.
Notes
Topic
Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)
* undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket (CVE-2024-5971)
* undertow: Improper State Management in Proxy Protocol parsing causes information leakage (CVE-2024-7885)
* org.apache.cxf/cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter (CVE-2024-29736)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE (CVE-2024-32007)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)\n\n* undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket (CVE-2024-5971)\n\n* undertow: Improper State Management in Proxy Protocol parsing causes information leakage (CVE-2024-7885)\n\n* org.apache.cxf/cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter (CVE-2024-29736)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE (CVE-2024-32007)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6883",
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2292211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292211"
},
{
"category": "external",
"summary": "2298827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298827"
},
{
"category": "external",
"summary": "2298828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298828"
},
{
"category": "external",
"summary": "2305290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305290"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6883.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.7 for Spring Boot security update.",
"tracking": {
"current_release_date": "2025-10-29T12:12:16+00:00",
"generator": {
"date": "2025-10-29T12:12:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2024:6883",
"initial_release_date": "2024-09-19T16:46:46+00:00",
"revision_history": [
{
"date": "2024-09-19T16:46:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-19T16:46:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-29T12:12:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Apache Camel 3.20.7 for Spring Boot",
"product": {
"name": "Red Hat build of Apache Camel 3.20.7 for Spring Boot",
"product_id": "Red Hat build of Apache Camel 3.20.7 for Spring Boot",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_spring_boot:3.20.7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-5971",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292211"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\\r\\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in Undertow, where chunked responses fail to terminate properly under Java 17 with TLSv1.3, represents a significant security concern due to its potential for uncontrolled resource consumption and denial of service (DoS) attacks. This issue arises from Undertow\u0027s mishandling of chunked response termination after initial data flushing, leading to clients waiting indefinitely for completion signals that are not sent. Such behavior could be exploited by malicious actors to exhaust server resources, resulting in service degradation or unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5971"
},
{
"category": "external",
"summary": "RHBZ#2292211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292211"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5971"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5971",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5971"
}
],
"release_date": "2024-07-08T20:46:55+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket"
},
{
"acknowledgments": [
{
"names": [
"BfC"
]
}
],
"cve": "CVE-2024-7885",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-08-16T09:00:41.686000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305290"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Improper State Management in Proxy Protocol parsing causes information leakage",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat decided to rate this vulnerability as Important because of the potential loss of Availability and no additional privileges being required.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7885"
},
{
"category": "external",
"summary": "RHBZ#2305290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305290"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7885"
}
],
"release_date": "2024-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Improper State Management in Proxy Protocol parsing causes information leakage"
},
{
"cve": "CVE-2024-29736",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-07-19T09:20:09+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298827"
}
],
"notes": [
{
"category": "description",
"text": "A Server-side request forgery (SSRF) vulnerability has been identified in Apache CXF in the WADL service description. The flaw allows an attacker to perform SSRF-style attacks on REST web services. The attack only applies if a custom stylesheet parameter is configured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This SSRF vulnerability in Apache CXF\u0027s WADL service description is of significant severity because it allows an attacker to manipulate server-side requests, potentially leading to unauthorized access to internal resources. By exploiting this flaw, an attacker can craft malicious requests that bypass traditional security controls, enabling the server to communicate with internal systems, which may include databases, cloud services, or other sensitive infrastructure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29736"
},
{
"category": "external",
"summary": "RHBZ#2298827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298827"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-5m3j-pxh7-455p",
"url": "https://github.com/advisories/GHSA-5m3j-pxh7-455p"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2",
"url": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p",
"url": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter"
},
{
"cve": "CVE-2024-32007",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298828"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation vulnerability was found in the p2c parameter in the Apache CXF JOSE. This flaw allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The improper input validation vulnerability in the p2c parameter of Apache CXF JOSE is considered a moderate severity issue rather than a important one due to its limited scope and impact. While the flaw allows an attacker to specify a large value for the p2c parameter, leading to potential denial of service (DoS) attacks by causing excessive computational overhead, it does not compromise data integrity, confidentiality, or authentication mechanisms directly. The attack vector primarily affects system availability and exploiting this vulnerability requires the ability to send crafted tokens.\n\nBase EAP (7.4 and 8) and EAP XP (4 and 5) do not ship this affected CXF jaxrs artifact. cxf-rt-rs-security-jose is part of CXF\u0027s JAX-RS, and EAP uses RESTEasy, hence it\u0027s not-affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32007"
},
{
"category": "external",
"summary": "RHBZ#2298828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298828"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32007"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf",
"url": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633",
"url": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE"
},
{
"cve": "CVE-2024-45294",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2024-09-06T16:20:11.403869+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310447"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45294"
},
{
"category": "external",
"summary": "RHBZ#2310447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45294"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23"
},
{
"category": "external",
"summary": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf",
"url": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf"
}
],
"release_date": "2024-09-06T16:15:03.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-19T16:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6883"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 3.20.7 for Spring Boot"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`"
}
]
}
RHSA-2024:8824
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2025-10-23 22:30
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8824",
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27248",
"url": "https://issues.redhat.com/browse/JBEAP-27248"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8824.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2025-10-23T22:30:07+00:00",
"generator": {
"date": "2025-10-23T22:30:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:8824",
"initial_release_date": "2024-11-04T20:13:24+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-23T22:30:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform limits access to external systems and enforces strict network security boundaries through a deny-all, allow-exception system implementation. This ensures that access to external websites and systems is strictly controlled, monitored, and, if necessary, restricted. By enforcing policies on which external sites or domains users and applications can interact with, this control minimizes the risk of users being redirected to malicious websites. For example, organizations may implement allowlists of approved URLs or domains, blocking any redirections to untrusted or unauthorized sites. The platform\u0027s implementation of boundary protection includes firewalls, gateways, and intrusion detection/prevention systems. This control prevents unauthorized traffic, including malicious redirect requests, from entering or leaving the internal network. The boundary protection control can enforce URL filtering, domain allowlisting, and content inspection to block redirection attempts to known malicious domains. When configured properly, boundary protection mechanisms ensure that even if an open redirect vulnerability is exploited, the impact is limited by blocking access to harmful external sites.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
rhsa-2024:8823
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2025-10-23 22:30
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8823",
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27247",
"url": "https://issues.redhat.com/browse/JBEAP-27247"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2025-10-23T22:30:07+00:00",
"generator": {
"date": "2025-10-23T22:30:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:8823",
"initial_release_date": "2024-11-04T20:13:37+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-23T22:30:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform limits access to external systems and enforces strict network security boundaries through a deny-all, allow-exception system implementation. This ensures that access to external websites and systems is strictly controlled, monitored, and, if necessary, restricted. By enforcing policies on which external sites or domains users and applications can interact with, this control minimizes the risk of users being redirected to malicious websites. For example, organizations may implement allowlists of approved URLs or domains, blocking any redirections to untrusted or unauthorized sites. The platform\u0027s implementation of boundary protection includes firewalls, gateways, and intrusion detection/prevention systems. This control prevents unauthorized traffic, including malicious redirect requests, from entering or leaving the internal network. The boundary protection control can enforce URL filtering, domain allowlisting, and content inspection to block redirection attempts to known malicious domains. When configured properly, boundary protection mechanisms ensure that even if an open redirect vulnerability is exploited, the impact is limited by blocking access to harmful external sites.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
fkie_cve-2023-52428
Vulnerability from fkie_nvd
Published
2024-02-11 05:15
Modified
2024-11-21 08:39
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e | Patch | |
| cve@mitre.org | https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/ | Issue Tracking | |
| cve@mitre.org | https://connect2id.com/products/nimbus-jose-jwt | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/ | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://connect2id.com/products/nimbus-jose-jwt | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| connect2id | nimbus_jose\+jwt | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B33B5D00-0BBE-409A-B453-E9124F17CF99",
"versionEndExcluding": "9.37.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component."
},
{
"lang": "es",
"value": "En Connect2id Nimbus JOSE+JWT anterior a 9.37.2, un atacante puede provocar una denegaci\u00f3n de servicio (consumo de recursos) a trav\u00e9s de un valor de encabezado JWE p2c grande (tambi\u00e9n conocido como recuento de iteraciones) para el componente PasswordBasedDecrypter (PBKDF2)."
}
],
"id": "CVE-2023-52428",
"lastModified": "2024-11-21T08:39:43.963",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-02-11T05:15:08.383",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://connect2id.com/products/nimbus-jose-jwt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://connect2id.com/products/nimbus-jose-jwt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
gsd-2023-52428
Vulnerability from gsd
Modified
2024-02-11 06:02
Details
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-52428"
],
"details": "In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.",
"id": "GSD-2023-52428",
"modified": "2024-02-11T06:02:40.925498Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-52428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/",
"refsource": "MISC",
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
},
{
"name": "https://connect2id.com/products/nimbus-jose-jwt",
"refsource": "MISC",
"url": "https://connect2id.com/products/nimbus-jose-jwt"
},
{
"name": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e",
"refsource": "MISC",
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component."
}
],
"id": "CVE-2023-52428",
"lastModified": "2024-02-11T22:29:15.837",
"metrics": {},
"published": "2024-02-11T05:15:08.383",
"references": [
{
"source": "cve@mitre.org",
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
},
{
"source": "cve@mitre.org",
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
},
{
"source": "cve@mitre.org",
"url": "https://connect2id.com/products/nimbus-jose-jwt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Awaiting Analysis"
}
}
}
}
ghsa-gvpg-vgmx-xg6w
Vulnerability from github
Published
2024-02-11 06:30
Modified
2024-10-30 21:32
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
Summary
Denial of Service in Connect2id Nimbus JOSE+JWT
Details
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.nimbusds:nimbus-jose-jwt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.37.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-52428"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2024-03-15T14:23:03Z",
"nvd_published_at": "2024-02-11T05:15:08Z",
"severity": "HIGH"
},
"details": "In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.",
"id": "GHSA-gvpg-vgmx-xg6w",
"modified": "2024-10-30T21:32:55Z",
"published": "2024-02-11T06:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
},
{
"type": "PACKAGE",
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt"
},
{
"type": "WEB",
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
},
{
"type": "WEB",
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526"
},
{
"type": "WEB",
"url": "https://connect2id.com/products/nimbus-jose-jwt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Denial of Service in Connect2id Nimbus JOSE+JWT"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…