Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-47535
Vulnerability from cvelistv5
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:netty:netty:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "netty", vendor: "netty", versions: [ { lessThan: "4.1.115", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-47535", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T20:43:58.714521Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T20:44:41.743Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "netty", vendor: "netty", versions: [ { status: "affected", version: "< 4.1.115", }, ], }, ], descriptions: [ { lang: "en", value: "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T15:50:08.334Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, { name: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", tags: [ "x_refsource_MISC", ], url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, ], source: { advisory: "GHSA-xq3w-v528-46rv", discovery: "UNKNOWN", }, title: "Denial of Service attack on windows app using Netty", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-47535", datePublished: "2024-11-12T15:50:08.334Z", dateReserved: "2024-09-25T21:46:10.929Z", dateUpdated: "2024-11-13T20:44:41.743Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2024-47535\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-11-12T16:15:22.237\",\"lastModified\":\"2024-11-13T17:01:58.603\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.\"},{\"lang\":\"es\",\"value\":\"Netty es un framework de trabajo de aplicación de red asincrónico controlado por eventos para el desarrollo rápido de servidores y clientes de protocolo de alto rendimiento y mantenibles. Una lectura no segura de un archivo de entorno podría provocar una denegación de servicio en Netty. Cuando se carga en una aplicación de Windows, Netty intenta cargar un archivo que no existe. Si un atacante crea un archivo tan grande, la aplicación Netty se bloquea. Esta vulnerabilidad se corrigió en 4.1.115.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"references\":[{\"url\":\"https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv\",\"source\":\"security-advisories@github.com\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47535\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-13T20:43:58.714521Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:netty:netty:-:*:*:*:*:*:*:*\"], \"vendor\": \"netty\", \"product\": \"netty\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"4.1.115\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T20:44:36.110Z\"}}], \"cna\": {\"title\": \"Denial of Service attack on windows app using Netty\", \"source\": {\"advisory\": \"GHSA-xq3w-v528-46rv\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"netty\", \"product\": \"netty\", \"versions\": [{\"status\": \"affected\", \"version\": \"< 4.1.115\"}]}], \"references\": [{\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv\", \"name\": \"https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3\", \"name\": \"https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-11-12T15:50:08.334Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-47535\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-13T20:44:41.743Z\", \"dateReserved\": \"2024-09-25T21:46:10.929Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-11-12T15:50:08.334Z\", \"assignerShortName\": \"GitHub_M\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
rhsa-2025:3358
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.narayana-narayana-all: deadlock via multiple join requests sent to LRA Coordinator [eap-8.0.z] (CVE-2024-8447)\n\n* io.netty/netty: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2024-47535)\n\n* io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine [eap-8.0.z] (CVE-2025-24970)\n\n* netty-common: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2025-25193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3358", url: "https://access.redhat.com/errata/RHSA-2025:3358", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", }, { category: "external", summary: "https://access.redhat.com/articles/7109353", url: "https://access.redhat.com/articles/7109353", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2335206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2335206", }, { category: "external", summary: "2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "JBEAP-29540", url: "https://issues.redhat.com/browse/JBEAP-29540", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3358.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.6 security update", tracking: { current_release_date: "2025-04-04T19:36:26+00:00", generator: { date: "2025-04-04T19:36:26+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3358", initial_release_date: "2025-03-27T16:47:04+00:00", revision_history: [ { date: "2025-03-27T16:47:04+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-27T16:47:04+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-04T19:36:26+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 8", product: { name: "Red Hat JBoss Enterprise Application Platform 8", product_id: "Red Hat JBoss Enterprise Application Platform 8", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8447", cwe: { id: "CWE-833", name: "Deadlock", }, discovery_date: "2025-01-01T22:41:50.788000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2335206", }, ], notes: [ { category: "description", text: "A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "narayana: deadlock via multiple join requests sent to LRA Coordinator", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8447", }, { category: "external", summary: "RHBZ#2335206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2335206", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8447", url: "https://www.cve.org/CVERecord?id=CVE-2024-8447", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8447", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8447", }, { category: "external", summary: "https://github.com/jbosstm/narayana/pull/2293", url: "https://github.com/jbosstm/narayana/pull/2293", }, ], release_date: "2024-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:47:04+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3358", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "narayana: deadlock via multiple join requests sent to LRA Coordinator", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:47:04+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3358", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { cve: "CVE-2025-24970", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2025-02-10T23:00:52.785132+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344787", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation.", title: "Vulnerability description", }, { category: "summary", text: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Netty's SslHandler is of important severity rather than moderate because it directly impacts the stability and reliability of applications using native SSLEngine. By sending a specially crafted packet, an attacker can trigger a native crash, leading to a complete process termination. Unlike typical moderate vulnerabilities that might cause limited disruptions or require specific conditions, this flaw can be exploited remotely to induce a Denial of Service (DoS), affecting high-availability systems and mission-critical services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24970", }, { category: "external", summary: "RHBZ#2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24970", url: "https://www.cve.org/CVERecord?id=CVE-2025-24970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", }, { category: "external", summary: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", url: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", url: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", }, ], release_date: "2025-02-10T21:57:28.730000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:47:04+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3358", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", }, { cve: "CVE-2025-25193", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2025-02-10T23:00:54.794769+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344788", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects Windows environments, therefore, this would affect an environment when running a supported Red Hat JBoss EAP 7 or 8, for example, if running on Windows.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-25193", }, { category: "external", summary: "RHBZ#2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-25193", url: "https://www.cve.org/CVERecord?id=CVE-2025-25193", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", }, { category: "external", summary: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", url: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", url: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", }, ], release_date: "2025-02-10T22:02:17.197000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:47:04+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3358", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
rhsa-2025:0900
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Quarkus 3.15.3 includes the following CVE fixes:\n\n* io.quarkus/quarkus-netty: Denial of Service attack on windows app using Netty [quarkus-3.15] (CVE-2024-47535)\n\n* io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling [quarkus-3.15] (CVE-2024-12397)\n \n\nFor more information, see the release notes page listed in the References\nsection.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:0900", url: "https://access.redhat.com/errata/RHSA-2025:0900", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/articles/4966181", url: "https://access.redhat.com/articles/4966181", }, { category: "external", summary: "https://access.redhat.com/products/quarkus/", url: "https://access.redhat.com/products/quarkus/", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus&downloadType=distributions&version=3.15.3", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus&downloadType=distributions&version=3.15.3", }, { category: "external", summary: "QUARKUS-5043", url: "https://issues.redhat.com/browse/QUARKUS-5043", }, { category: "external", summary: "QUARKUS-5226", url: "https://issues.redhat.com/browse/QUARKUS-5226", }, { category: "external", summary: "QUARKUS-5235", url: "https://issues.redhat.com/browse/QUARKUS-5235", }, { category: "external", summary: "QUARKUS-5531", url: "https://issues.redhat.com/browse/QUARKUS-5531", }, { category: "external", summary: "QUARKUS-5532", url: "https://issues.redhat.com/browse/QUARKUS-5532", }, { category: "external", summary: "QUARKUS-5533", url: "https://issues.redhat.com/browse/QUARKUS-5533", }, { category: "external", summary: "QUARKUS-5537", url: "https://issues.redhat.com/browse/QUARKUS-5537", }, { category: "external", summary: "QUARKUS-5538", url: "https://issues.redhat.com/browse/QUARKUS-5538", }, { category: "external", summary: "QUARKUS-5540", url: "https://issues.redhat.com/browse/QUARKUS-5540", }, { category: "external", summary: "QUARKUS-5541", url: "https://issues.redhat.com/browse/QUARKUS-5541", }, { category: "external", summary: "QUARKUS-5543", url: "https://issues.redhat.com/browse/QUARKUS-5543", }, { category: "external", summary: "QUARKUS-5544", url: "https://issues.redhat.com/browse/QUARKUS-5544", }, { category: "external", summary: "QUARKUS-5548", url: "https://issues.redhat.com/browse/QUARKUS-5548", }, { category: "external", summary: "QUARKUS-5549", url: "https://issues.redhat.com/browse/QUARKUS-5549", }, { category: "external", summary: "QUARKUS-5550", url: "https://issues.redhat.com/browse/QUARKUS-5550", }, { category: "external", summary: "QUARKUS-5552", url: "https://issues.redhat.com/browse/QUARKUS-5552", }, { category: "external", summary: "QUARKUS-5553", url: "https://issues.redhat.com/browse/QUARKUS-5553", }, { category: "external", summary: "QUARKUS-5554", url: "https://issues.redhat.com/browse/QUARKUS-5554", }, { category: "external", summary: "QUARKUS-5556", url: "https://issues.redhat.com/browse/QUARKUS-5556", }, { category: "external", summary: "QUARKUS-5557", url: "https://issues.redhat.com/browse/QUARKUS-5557", }, { category: "external", summary: "QUARKUS-5558", url: "https://issues.redhat.com/browse/QUARKUS-5558", }, { category: "external", summary: "QUARKUS-5559", url: "https://issues.redhat.com/browse/QUARKUS-5559", }, { category: "external", summary: "QUARKUS-5560", url: "https://issues.redhat.com/browse/QUARKUS-5560", }, { category: "external", summary: "QUARKUS-5563", url: "https://issues.redhat.com/browse/QUARKUS-5563", }, { category: "external", summary: "QUARKUS-5564", url: "https://issues.redhat.com/browse/QUARKUS-5564", }, { category: "external", summary: "QUARKUS-5565", url: "https://issues.redhat.com/browse/QUARKUS-5565", }, { category: "external", summary: "QUARKUS-5566", url: "https://issues.redhat.com/browse/QUARKUS-5566", }, { category: "external", summary: "QUARKUS-5625", url: "https://issues.redhat.com/browse/QUARKUS-5625", }, { category: "external", summary: "QUARKUS-5635", url: "https://issues.redhat.com/browse/QUARKUS-5635", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0900.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Quarkus 3.15.3 release and security update", tracking: { current_release_date: "2025-04-01T13:15:43+00:00", generator: { date: "2025-04-01T13:15:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:0900", initial_release_date: "2025-02-05T12:21:00+00:00", revision_history: [ { date: "2025-02-05T12:21:00+00:00", number: "1", summary: "Initial version", }, { date: "2025-02-05T12:21:00+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-01T13:15:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Quarkus 3.15.3", product: { name: "Red Hat build of Quarkus 3.15.3", product_id: "Red Hat build of Quarkus 3.15.3", product_identification_helper: { cpe: "cpe:/a:redhat:quarkus:3.15::el8", }, }, }, ], category: "product_family", name: "Red Hat build of Quarkus", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-12397", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2024-12-10T01:15:33.380000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2331298", }, ], notes: [ { category: "description", text: "A flaw was found in Quarkus-HTTP, which incorrectly parses cookies with\ncertain value-delimiting characters in incoming requests. This issue could\nallow an attacker to construct a cookie value to exfiltrate HttpOnly cookie\nvalues or spoof arbitrary additional cookie values, leading to unauthorized\ndata access or modification. The main threat from this flaw impacts data\nconfidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has evaluated this vulnerability. This is a very similar vulnerability to an Undertow, seen in CVE-2023-4639.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 3.15.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-12397", }, { category: "external", summary: "RHBZ#2331298", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2331298", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-12397", url: "https://www.cve.org/CVERecord?id=CVE-2024-12397", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-12397", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-12397", }, ], release_date: "2024-12-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-05T12:21:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 3.15.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0900", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "Red Hat build of Quarkus 3.15.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Red Hat build of Quarkus 3.15.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 3.15.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-05T12:21:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 3.15.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0900", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 3.15.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
rhsa-2025:3465
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* io.netty/netty: Denial of Service attack on windows app using Netty (CVE-2024-47535)\n\n* netty-common: Denial of Service attack on windows app using Netty (CVE-2025-25193)\n\n* io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine (CVE-2025-24970)\n\n* org.wildfly.core/wildfly-server: Wildfly improper RBAC permission (CVE-2025-23367)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3465", url: "https://access.redhat.com/errata/RHSA-2025:3465", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2337620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337620", }, { category: "external", summary: "2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3465.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.21 security update", tracking: { current_release_date: "2025-04-02T20:23:54+00:00", generator: { date: "2025-04-02T20:23:54+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3465", initial_release_date: "2025-04-01T13:12:18+00:00", revision_history: [ { date: "2025-04-01T13:12:18+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-01T13:12:18+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-02T20:23:54+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", }, }, }, { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 8", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", }, }, }, { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 9", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el7eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00004.1.el7eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00004.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00004.1.el9eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:12:18+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3465", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { acknowledgments: [ { names: [ "Claudia Bartolini", "Marco Ventura", "Massimiliano Brolli", ], organization: "TIM S.p.A", }, ], cve: "CVE-2025-23367", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2025-01-14T14:56:46.389000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2337620", }, ], notes: [ { category: "description", text: "A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. \nThe vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.", title: "Vulnerability description", }, { category: "summary", text: "org.wildfly.core:wildfly-server: Wildfly improper RBAC permission", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has evaluated this issue and the attacker must be authenticated as a user that belongs to the \"Monitor\" or \"Auditor\" management groups. It requires previous privileges to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-23367", }, { category: "external", summary: "RHBZ#2337620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-23367", url: "https://www.cve.org/CVERecord?id=CVE-2025-23367", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-23367", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-23367", }, { category: "external", summary: "https://github.com/advisories/GHSA-qr6x-62gq-4ccp", url: "https://github.com/advisories/GHSA-qr6x-62gq-4ccp", }, ], release_date: "2025-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:12:18+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3465", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "org.wildfly.core:wildfly-server: Wildfly improper RBAC permission", }, { cve: "CVE-2025-24970", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2025-02-10T23:00:52.785132+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344787", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation.", title: "Vulnerability description", }, { category: "summary", text: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Netty's SslHandler is of important severity rather than moderate because it directly impacts the stability and reliability of applications using native SSLEngine. By sending a specially crafted packet, an attacker can trigger a native crash, leading to a complete process termination. Unlike typical moderate vulnerabilities that might cause limited disruptions or require specific conditions, this flaw can be exploited remotely to induce a Denial of Service (DoS), affecting high-availability systems and mission-critical services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24970", }, { category: "external", summary: "RHBZ#2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24970", url: "https://www.cve.org/CVERecord?id=CVE-2025-24970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", }, { category: "external", summary: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", url: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", url: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", }, ], release_date: "2025-02-10T21:57:28.730000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:12:18+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3465", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", }, { cve: "CVE-2025-25193", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2025-02-10T23:00:54.794769+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344788", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects Windows environments, therefore, this would affect an environment when running a supported Red Hat JBoss EAP 7 or 8, for example, if running on Windows.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-25193", }, { category: "external", summary: "RHBZ#2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-25193", url: "https://www.cve.org/CVERecord?id=CVE-2025-25193", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", }, { category: "external", summary: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", url: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", url: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", }, ], release_date: "2025-02-10T22:02:17.197000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:12:18+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3465", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
rhsa-2025:3357
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.narayana-narayana-all: deadlock via multiple join requests sent to LRA Coordinator [eap-8.0.z] (CVE-2024-8447)\n\n* io.netty/netty: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2024-47535)\n\n* io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine [eap-8.0.z] (CVE-2025-24970)\n\n* netty-common: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2025-25193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3357", url: "https://access.redhat.com/errata/RHSA-2025:3357", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", }, { category: "external", summary: "https://access.redhat.com/articles/7109353", url: "https://access.redhat.com/articles/7109353", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2335206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2335206", }, { category: "external", summary: "2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "JBEAP-29540", url: "https://issues.redhat.com/browse/JBEAP-29540", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3357.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.6 security update", tracking: { current_release_date: "2025-04-04T19:36:32+00:00", generator: { date: "2025-04-04T19:36:32+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3357", initial_release_date: "2025-03-27T16:42:38+00:00", revision_history: [ { date: "2025-03-27T16:42:38+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-27T16:42:38+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-04T19:36:32+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 9", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", }, }, }, { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 8", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product_id: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty@4.1.119-1.Final_redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product_id: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.119-1.Final_redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", product_id: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.6.1-1.GA_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", product: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", product_id: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-2.redhat_00003.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", product: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", product_id: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.6-15.GA_redhat_00009.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product_id: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty@4.1.119-1.Final_redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product_id: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.119-1.Final_redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", product_id: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.6.1-1.GA_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", product: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", product_id: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-2.redhat_00003.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", product: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", product_id: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.6-15.GA_redhat_00009.1.el8eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-buffer@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-http@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-common@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-handler@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-resolver@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.6.1-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.6.1-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product_id: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-2.redhat_00003.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-2.redhat_00003.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-buffer@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-http@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-common@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-handler@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-resolver@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.6.1-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.6.1-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product_id: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-2.redhat_00003.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-2.redhat_00003.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product_id: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.119-1.Final_redhat_00002.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product: { name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product_id: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00002.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product_id: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.119-1.Final_redhat_00002.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product: { name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product_id: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00002.1.el8eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", }, product_reference: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", }, product_reference: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", }, product_reference: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", }, product_reference: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", }, product_reference: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", }, product_reference: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", }, product_reference: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", }, product_reference: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", }, product_reference: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", }, product_reference: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8447", cwe: { id: "CWE-833", name: "Deadlock", }, discovery_date: "2025-01-01T22:41:50.788000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2335206", }, ], notes: [ { category: "description", text: "A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "narayana: deadlock via multiple join requests sent to LRA Coordinator", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8447", }, { category: "external", summary: "RHBZ#2335206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2335206", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8447", url: "https://www.cve.org/CVERecord?id=CVE-2024-8447", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8447", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8447", }, { category: "external", summary: "https://github.com/jbosstm/narayana/pull/2293", url: "https://github.com/jbosstm/narayana/pull/2293", }, ], release_date: "2024-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:42:38+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3357", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "narayana: deadlock via multiple join requests sent to LRA Coordinator", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:42:38+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3357", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { cve: "CVE-2025-24970", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2025-02-10T23:00:52.785132+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344787", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation.", title: "Vulnerability description", }, { category: "summary", text: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Netty's SslHandler is of important severity rather than moderate because it directly impacts the stability and reliability of applications using native SSLEngine. By sending a specially crafted packet, an attacker can trigger a native crash, leading to a complete process termination. Unlike typical moderate vulnerabilities that might cause limited disruptions or require specific conditions, this flaw can be exploited remotely to induce a Denial of Service (DoS), affecting high-availability systems and mission-critical services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24970", }, { category: "external", summary: "RHBZ#2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24970", url: "https://www.cve.org/CVERecord?id=CVE-2025-24970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", }, { category: "external", summary: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", url: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", url: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", }, ], release_date: "2025-02-10T21:57:28.730000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:42:38+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3357", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", }, { cve: "CVE-2025-25193", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2025-02-10T23:00:54.794769+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344788", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects Windows environments, therefore, this would affect an environment when running a supported Red Hat JBoss EAP 7 or 8, for example, if running on Windows.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-25193", }, { category: "external", summary: "RHBZ#2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-25193", url: "https://www.cve.org/CVERecord?id=CVE-2025-25193", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", }, { category: "external", summary: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", url: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", url: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", }, ], release_date: "2025-02-10T22:02:17.197000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:42:38+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3357", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
rhsa-2025:2416
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Streams for Apache Kafka 2.9.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat Streams for Apache Kafka 2.9.0 serves as a replacement for Red Hat Streams for Apache Kafka 2.8.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Cruise Control:cio.netty:netty-common:4.1.115.Final-redhat [amq-st-2] \"(CVE-2023-52428)\"\n\n* Cruise Control:com.nimbusds:nimbus-jose-jwt:9.37.2.redhat [amq-st-2] \"(CVE-2024-47535)\"\n\n* Cruise Control:org.apache.kafka:kafka-clients:3.5.2.redhat+ [amq-st-2] \"(CVE-2024-31141)\"\n\n* Cruise Control:io:commons-io:2.15.1.redhat+ [amq-st-2] \"(CVE-2024-47554)\"\n\n* Cruise Control:org.eclipse.jetty:jetty-server:9.4.56.v20240826-redhat+ [amq-st-2] \"(CVE-2024-8184)\"\n\n* Cruise Control:org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] \"(CVE-2024-8184)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: Golang FIPS zeroed buffer [amq-st-2] \"(CVE-2024-9355)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: net/http: Denial of service due to improper 100-continue handling in net/http [amq-st-2] \"(CVE-2024-24791)\"", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:2416", url: "https://access.redhat.com/errata/RHSA-2025:2416", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2315719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315719", }, { category: "external", summary: "2316271", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316271", }, { category: "external", summary: "2318564", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2318564", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2327264", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2327264", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2416.json", }, ], title: "Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update", tracking: { current_release_date: "2025-04-03T08:33:45+00:00", generator: { date: "2025-04-03T08:33:45+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:2416", initial_release_date: "2025-03-05T20:59:06+00:00", revision_history: [ { date: "2025-03-05T20:59:06+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-05T20:59:06+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-03T08:33:45+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Streams for Apache Kafka 2.9.0", product: { name: "Streams for Apache Kafka 2.9.0", product_id: "Streams for Apache Kafka 2.9.0", product_identification_helper: { cpe: "cpe:/a:redhat:amq_streams:2", }, }, }, ], category: "product_family", name: "Streams for Apache Kafka", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-8184", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-10-14T16:01:01.239238+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2318564", }, ], notes: [ { category: "description", text: "A flaw was found in Jetty's ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.", title: "Vulnerability description", }, { category: "summary", text: "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8184", }, { category: "external", summary: "RHBZ#2318564", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2318564", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8184", url: "https://www.cve.org/CVERecord?id=CVE-2024-8184", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8184", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8184", }, { category: "external", summary: "https://github.com/jetty/jetty.project/pull/11723", url: "https://github.com/jetty/jetty.project/pull/11723", }, { category: "external", summary: "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq", url: "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq", }, { category: "external", summary: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30", url: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30", }, ], release_date: "2024-10-14T15:09:37.861000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Streams for Apache Kafka 2.9.0", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks", }, { acknowledgments: [ { names: [ "David Benoit", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2024-9355", cwe: { id: "CWE-457", name: "Use of Uninitialized Variable", }, discovery_date: "2024-09-30T17:51:17.811000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2315719", }, ], notes: [ { category: "description", text: "A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum. It is also possible to force a derived key to be all zeros instead of an unpredictable value. This may have follow-on implications for the Go TLS stack.", title: "Vulnerability description", }, { category: "summary", text: "golang-fips: Golang FIPS zeroed buffer", title: "Vulnerability summary", }, { category: "other", text: "This issue is specific to the Go language and only affects the test code in cri-o and conmon, not the production code. Since both projects use Go exclusively for testing purposes, this issue does not impact their production environment. Therefore, cri-o and conmon are not affected by this vulnerability.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-9355", }, { category: "external", summary: "RHBZ#2315719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315719", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-9355", url: "https://www.cve.org/CVERecord?id=CVE-2024-9355", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-9355", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-9355", }, ], release_date: "2024-09-30T20:53:42.833000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Streams for Apache Kafka 2.9.0", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang-fips: Golang FIPS zeroed buffer", }, { cve: "CVE-2024-24791", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295310", }, ], notes: [ { category: "description", text: "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "net/http: Denial of service due to improper 100-continue handling in net/http", title: "Vulnerability summary", }, { category: "other", text: "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker's control. This reduces the severity score of this flaw to Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24791", }, { category: "external", summary: "RHBZ#2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24791", url: "https://www.cve.org/CVERecord?id=CVE-2024-24791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", }, { category: "external", summary: "https://go.dev/cl/591255", url: "https://go.dev/cl/591255", }, { category: "external", summary: "https://go.dev/issue/67555", url: "https://go.dev/issue/67555", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", url: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", }, ], release_date: "2024-07-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Streams for Apache Kafka 2.9.0", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "net/http: Denial of service due to improper 100-continue handling in net/http", }, { cve: "CVE-2024-31141", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, discovery_date: "2024-11-19T09:00:35.857468+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2327264", }, ], notes: [ { category: "description", text: "A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations, which include the ability to read from disk or environment variables. In applications where an untrusted party can specify Apache Kafka Clients configurations, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.", title: "Vulnerability description", }, { category: "summary", text: "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-31141", }, { category: "external", summary: "RHBZ#2327264", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2327264", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-31141", url: "https://www.cve.org/CVERecord?id=CVE-2024-31141", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-31141", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-31141", }, { category: "external", summary: "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv", url: "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv", }, ], release_date: "2024-11-19T08:40:50.695000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { cve: "CVE-2024-47554", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-10-03T12:00:40.921058+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2316271", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.", title: "Vulnerability description", }, { category: "summary", text: "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47554", }, { category: "external", summary: "RHBZ#2316271", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316271", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47554", url: "https://www.cve.org/CVERecord?id=CVE-2024-47554", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47554", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47554", }, { category: "external", summary: "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1", url: "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1", }, ], release_date: "2024-10-03T11:32:48.936000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader", }, ], }
rhsa-2025:3467
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* io.netty/netty: Denial of Service attack on windows app using Netty (CVE-2024-47535)\n\n* netty-common: Denial of Service attack on windows app using Netty (CVE-2025-25193)\n\n* io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine (CVE-2025-24970)\n\n* org.wildfly.core/wildfly-server: Wildfly improper RBAC permission (CVE-2025-23367)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3467", url: "https://access.redhat.com/errata/RHSA-2025:3467", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2337620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337620", }, { category: "external", summary: "2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3467.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 .21 security update", tracking: { current_release_date: "2025-04-02T20:23:35+00:00", generator: { date: "2025-04-02T20:23:35+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3467", initial_release_date: "2025-04-01T13:06:47+00:00", revision_history: [ { date: "2025-04-01T13:06:47+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-01T13:06:47+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-02T20:23:35+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 7", product: { name: "Red Hat JBoss Enterprise Application Platform 7", product_id: "Red Hat JBoss Enterprise Application Platform 7", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:06:47+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3467", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { acknowledgments: [ { names: [ "Claudia Bartolini", "Marco Ventura", "Massimiliano Brolli", ], organization: "TIM S.p.A", }, ], cve: "CVE-2025-23367", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2025-01-14T14:56:46.389000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2337620", }, ], notes: [ { category: "description", text: "A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. \nThe vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.", title: "Vulnerability description", }, { category: "summary", text: "org.wildfly.core:wildfly-server: Wildfly improper RBAC permission", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has evaluated this issue and the attacker must be authenticated as a user that belongs to the \"Monitor\" or \"Auditor\" management groups. It requires previous privileges to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-23367", }, { category: "external", summary: "RHBZ#2337620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-23367", url: "https://www.cve.org/CVERecord?id=CVE-2025-23367", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-23367", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-23367", }, { category: "external", summary: "https://github.com/advisories/GHSA-qr6x-62gq-4ccp", url: "https://github.com/advisories/GHSA-qr6x-62gq-4ccp", }, ], release_date: "2025-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:06:47+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3467", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "org.wildfly.core:wildfly-server: Wildfly improper RBAC permission", }, { cve: "CVE-2025-24970", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2025-02-10T23:00:52.785132+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344787", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation.", title: "Vulnerability description", }, { category: "summary", text: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Netty's SslHandler is of important severity rather than moderate because it directly impacts the stability and reliability of applications using native SSLEngine. By sending a specially crafted packet, an attacker can trigger a native crash, leading to a complete process termination. Unlike typical moderate vulnerabilities that might cause limited disruptions or require specific conditions, this flaw can be exploited remotely to induce a Denial of Service (DoS), affecting high-availability systems and mission-critical services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24970", }, { category: "external", summary: "RHBZ#2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24970", url: "https://www.cve.org/CVERecord?id=CVE-2025-24970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", }, { category: "external", summary: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", url: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", url: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", }, ], release_date: "2025-02-10T21:57:28.730000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:06:47+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3467", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", }, { cve: "CVE-2025-25193", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2025-02-10T23:00:54.794769+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344788", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects Windows environments, therefore, this would affect an environment when running a supported Red Hat JBoss EAP 7 or 8, for example, if running on Windows.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-25193", }, { category: "external", summary: "RHBZ#2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-25193", url: "https://www.cve.org/CVERecord?id=CVE-2025-25193", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", }, { category: "external", summary: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", url: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", url: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", }, ], release_date: "2025-02-10T22:02:17.197000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:06:47+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3467", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
suse-su-2024:4407-1
Vulnerability from csaf_suse
Notes
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative", title: "Title of the patch", }, { category: "description", text: "This update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative fixes the following issues:\n\n- CVE-2024-47535: Fixed unsafe reading of large environment files when Netty is loaded by a java application can \nlead to a crash due to the JVM memory limit being exceeded in netty (bsc#1233297)\n\nOther fixes:\n- Upgraded netty to upstream version 4.1.115\n- Upgraded netty-tcnative to version 2.0.69 Final\n- Updated jctools to version 4.0.5\n- Updated aalto-xml to version 1.3.3\n- Updated moditect to version 1.2.2\n- Updated flatten-maven-plugin to version 1.6.0", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-4407,SUSE-SLE-Module-Development-Tools-15-SP5-2024-4407,SUSE-SLE-Module-Development-Tools-15-SP6-2024-4407,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4407,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4407,openSUSE-SLE-15.5-2024-4407,openSUSE-SLE-15.6-2024-4407", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_4407-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:4407-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20244407-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:4407-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020044.html", }, { category: "self", summary: "SUSE Bug 1047218", url: "https://bugzilla.suse.com/1047218", }, { category: "self", summary: "SUSE Bug 1233297", url: "https://bugzilla.suse.com/1233297", }, { category: "self", summary: "SUSE CVE CVE-2024-47535 page", url: "https://www.suse.com/security/cve/CVE-2024-47535/", }, ], title: "Security update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative", tracking: { current_release_date: "2024-12-23T08:49:34Z", generator: { date: "2024-12-23T08:49:34Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:4407-1", initial_release_date: "2024-12-23T08:49:34Z", revision_history: [ { date: "2024-12-23T08:49:34Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "netty-4.1.115-150200.4.26.1.aarch64", product: { name: "netty-4.1.115-150200.4.26.1.aarch64", product_id: "netty-4.1.115-150200.4.26.1.aarch64", }, }, { category: "product_version", name: "netty-tcnative-2.0.69-150200.3.22.1.aarch64", product: { name: "netty-tcnative-2.0.69-150200.3.22.1.aarch64", product_id: "netty-tcnative-2.0.69-150200.3.22.1.aarch64", }, }, { category: "product_version", name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.aarch64", product: { name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.aarch64", product_id: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "netty-4.1.115-150200.4.26.1.i586", product: { name: "netty-4.1.115-150200.4.26.1.i586", product_id: "netty-4.1.115-150200.4.26.1.i586", }, }, { category: "product_version", name: "netty-tcnative-2.0.69-150200.3.22.1.i586", product: { name: "netty-tcnative-2.0.69-150200.3.22.1.i586", product_id: "netty-tcnative-2.0.69-150200.3.22.1.i586", }, }, { category: "product_version", name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.i586", product: { name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.i586", product_id: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "aalto-xml-1.3.3-150200.5.3.1.noarch", product: { name: "aalto-xml-1.3.3-150200.5.3.1.noarch", product_id: "aalto-xml-1.3.3-150200.5.3.1.noarch", }, }, { category: "product_version", name: "aalto-xml-javadoc-1.3.3-150200.5.3.1.noarch", product: { name: "aalto-xml-javadoc-1.3.3-150200.5.3.1.noarch", product_id: "aalto-xml-javadoc-1.3.3-150200.5.3.1.noarch", }, }, { category: "product_version", name: "flatten-maven-plugin-1.6.0-150200.5.3.1.noarch", product: { name: "flatten-maven-plugin-1.6.0-150200.5.3.1.noarch", product_id: "flatten-maven-plugin-1.6.0-150200.5.3.1.noarch", }, }, { category: "product_version", name: "flatten-maven-plugin-javadoc-1.6.0-150200.5.3.1.noarch", product: { name: "flatten-maven-plugin-javadoc-1.6.0-150200.5.3.1.noarch", product_id: "flatten-maven-plugin-javadoc-1.6.0-150200.5.3.1.noarch", }, }, { category: "product_version", name: "jctools-4.0.5-150200.3.9.1.noarch", product: { name: "jctools-4.0.5-150200.3.9.1.noarch", product_id: "jctools-4.0.5-150200.3.9.1.noarch", }, }, { category: "product_version", name: "jctools-channels-4.0.5-150200.3.9.1.noarch", product: { name: "jctools-channels-4.0.5-150200.3.9.1.noarch", product_id: "jctools-channels-4.0.5-150200.3.9.1.noarch", }, }, { category: "product_version", name: "jctools-experimental-4.0.5-150200.3.9.1.noarch", product: { name: "jctools-experimental-4.0.5-150200.3.9.1.noarch", product_id: "jctools-experimental-4.0.5-150200.3.9.1.noarch", }, }, { category: "product_version", name: "jctools-javadoc-4.0.5-150200.3.9.1.noarch", product: { name: "jctools-javadoc-4.0.5-150200.3.9.1.noarch", product_id: "jctools-javadoc-4.0.5-150200.3.9.1.noarch", }, }, { category: "product_version", name: "moditect-1.2.2-150200.5.3.1.noarch", product: { name: "moditect-1.2.2-150200.5.3.1.noarch", product_id: "moditect-1.2.2-150200.5.3.1.noarch", }, }, { category: "product_version", name: "moditect-javadoc-1.2.2-150200.5.3.1.noarch", product: { name: "moditect-javadoc-1.2.2-150200.5.3.1.noarch", product_id: "moditect-javadoc-1.2.2-150200.5.3.1.noarch", }, }, { category: "product_version", name: "netty-bom-4.1.115-150200.4.26.1.noarch", product: { name: "netty-bom-4.1.115-150200.4.26.1.noarch", product_id: "netty-bom-4.1.115-150200.4.26.1.noarch", }, }, { category: "product_version", name: "netty-javadoc-4.1.115-150200.4.26.1.noarch", product: { name: "netty-javadoc-4.1.115-150200.4.26.1.noarch", product_id: "netty-javadoc-4.1.115-150200.4.26.1.noarch", }, }, { category: "product_version", name: "netty-parent-4.1.115-150200.4.26.1.noarch", product: { name: "netty-parent-4.1.115-150200.4.26.1.noarch", product_id: "netty-parent-4.1.115-150200.4.26.1.noarch", }, }, { category: "product_version", name: "netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", product: { name: "netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", product_id: "netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "netty-4.1.115-150200.4.26.1.ppc64le", product: { name: "netty-4.1.115-150200.4.26.1.ppc64le", product_id: "netty-4.1.115-150200.4.26.1.ppc64le", }, }, { category: "product_version", name: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le", product: { name: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le", product_id: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le", }, }, { category: "product_version", name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.ppc64le", product: { name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.ppc64le", product_id: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "netty-4.1.115-150200.4.26.1.s390x", product: { name: "netty-4.1.115-150200.4.26.1.s390x", product_id: "netty-4.1.115-150200.4.26.1.s390x", }, }, { category: "product_version", name: "netty-tcnative-2.0.69-150200.3.22.1.s390x", product: { name: "netty-tcnative-2.0.69-150200.3.22.1.s390x", product_id: "netty-tcnative-2.0.69-150200.3.22.1.s390x", }, }, { category: "product_version", name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.s390x", product: { name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.s390x", product_id: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "netty-4.1.115-150200.4.26.1.x86_64", product: { name: "netty-4.1.115-150200.4.26.1.x86_64", product_id: "netty-4.1.115-150200.4.26.1.x86_64", }, }, { category: "product_version", name: "netty-tcnative-2.0.69-150200.3.22.1.x86_64", product: { name: "netty-tcnative-2.0.69-150200.3.22.1.x86_64", product_id: "netty-tcnative-2.0.69-150200.3.22.1.x86_64", }, }, { category: "product_version", name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.x86_64", product: { name: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.x86_64", product_id: "netty-tcnative-openssl-dynamic-2.0.69-150200.3.22.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15 SP5", product: { name: "SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15 SP6", product: { name: "SUSE Linux Enterprise Module for Development Tools 15 SP6", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15:sp6", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Package Hub 15 SP5", product: { name: "SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:packagehub:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Package Hub 15 SP6", product: { name: "SUSE Linux Enterprise Module for Package Hub 15 SP6", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:packagehub:15:sp6", }, }, }, { category: "product_name", name: "openSUSE Leap 15.5", product: { name: "openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.5", }, }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.aarch64", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.s390x", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.x86_64", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.aarch64", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP6", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP6", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.s390x", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP6", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.x86_64", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP6", }, { category: "default_component_of", full_product_name: { name: "jctools-4.0.5-150200.3.9.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:jctools-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.aarch64", }, product_reference: "netty-4.1.115-150200.4.26.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.ppc64le", }, product_reference: "netty-4.1.115-150200.4.26.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.s390x", }, product_reference: "netty-4.1.115-150200.4.26.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.x86_64", }, product_reference: "netty-4.1.115-150200.4.26.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "netty-javadoc-4.1.115-150200.4.26.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-javadoc-4.1.115-150200.4.26.1.noarch", }, product_reference: "netty-javadoc-4.1.115-150200.4.26.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "jctools-4.0.5-150200.3.9.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:jctools-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.aarch64", }, product_reference: "netty-4.1.115-150200.4.26.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.ppc64le", }, product_reference: "netty-4.1.115-150200.4.26.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.s390x", }, product_reference: "netty-4.1.115-150200.4.26.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.x86_64", }, product_reference: "netty-4.1.115-150200.4.26.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "netty-javadoc-4.1.115-150200.4.26.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-javadoc-4.1.115-150200.4.26.1.noarch", }, product_reference: "netty-javadoc-4.1.115-150200.4.26.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "jctools-4.0.5-150200.3.9.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:jctools-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "jctools-channels-4.0.5-150200.3.9.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:jctools-channels-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-channels-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "jctools-experimental-4.0.5-150200.3.9.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:jctools-experimental-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-experimental-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "jctools-javadoc-4.0.5-150200.3.9.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:jctools-javadoc-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-javadoc-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.aarch64", }, product_reference: "netty-4.1.115-150200.4.26.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.ppc64le", }, product_reference: "netty-4.1.115-150200.4.26.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.s390x", }, product_reference: "netty-4.1.115-150200.4.26.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.x86_64", }, product_reference: "netty-4.1.115-150200.4.26.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-javadoc-4.1.115-150200.4.26.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-javadoc-4.1.115-150200.4.26.1.noarch", }, product_reference: "netty-javadoc-4.1.115-150200.4.26.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.aarch64", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.s390x", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.x86_64", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", }, product_reference: "netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "jctools-4.0.5-150200.3.9.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:jctools-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "jctools-channels-4.0.5-150200.3.9.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:jctools-channels-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-channels-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "jctools-experimental-4.0.5-150200.3.9.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:jctools-experimental-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-experimental-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "jctools-javadoc-4.0.5-150200.3.9.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:jctools-javadoc-4.0.5-150200.3.9.1.noarch", }, product_reference: "jctools-javadoc-4.0.5-150200.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.aarch64", }, product_reference: "netty-4.1.115-150200.4.26.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.ppc64le", }, product_reference: "netty-4.1.115-150200.4.26.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.s390x", }, product_reference: "netty-4.1.115-150200.4.26.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-150200.4.26.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.x86_64", }, product_reference: "netty-4.1.115-150200.4.26.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-javadoc-4.1.115-150200.4.26.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-javadoc-4.1.115-150200.4.26.1.noarch", }, product_reference: "netty-javadoc-4.1.115-150200.4.26.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.aarch64", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.s390x", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-2.0.69-150200.3.22.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.x86_64", }, product_reference: "netty-tcnative-2.0.69-150200.3.22.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", }, product_reference: "netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-47535", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47535", }, ], notes: [ { category: "general", text: "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:jctools-4.0.5-150200.3.9.1.noarch", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-javadoc-4.1.115-150200.4.26.1.noarch", "SUSE Linux Enterprise Module for Package Hub 15 SP6:jctools-4.0.5-150200.3.9.1.noarch", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-javadoc-4.1.115-150200.4.26.1.noarch", "openSUSE Leap 15.5:jctools-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:jctools-channels-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:jctools-experimental-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:jctools-javadoc-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.aarch64", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.ppc64le", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.s390x", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.x86_64", "openSUSE Leap 15.5:netty-javadoc-4.1.115-150200.4.26.1.noarch", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.s390x", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "openSUSE Leap 15.5:netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", "openSUSE Leap 15.6:jctools-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:jctools-channels-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:jctools-experimental-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:jctools-javadoc-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.aarch64", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.ppc64le", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.s390x", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.x86_64", "openSUSE Leap 15.6:netty-javadoc-4.1.115-150200.4.26.1.noarch", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.s390x", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "openSUSE Leap 15.6:netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-47535", url: "https://www.suse.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "SUSE Bug 1233297 for CVE-2024-47535", url: "https://bugzilla.suse.com/1233297", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:jctools-4.0.5-150200.3.9.1.noarch", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-javadoc-4.1.115-150200.4.26.1.noarch", "SUSE Linux Enterprise Module for Package Hub 15 SP6:jctools-4.0.5-150200.3.9.1.noarch", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-javadoc-4.1.115-150200.4.26.1.noarch", "openSUSE Leap 15.5:jctools-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:jctools-channels-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:jctools-experimental-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:jctools-javadoc-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.aarch64", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.ppc64le", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.s390x", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.x86_64", "openSUSE Leap 15.5:netty-javadoc-4.1.115-150200.4.26.1.noarch", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.s390x", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "openSUSE Leap 15.5:netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", "openSUSE Leap 15.6:jctools-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:jctools-channels-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:jctools-experimental-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:jctools-javadoc-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.aarch64", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.ppc64le", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.s390x", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.x86_64", "openSUSE Leap 15.6:netty-javadoc-4.1.115-150200.4.26.1.noarch", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.s390x", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "openSUSE Leap 15.6:netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:jctools-4.0.5-150200.3.9.1.noarch", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-4.1.115-150200.4.26.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:netty-javadoc-4.1.115-150200.4.26.1.noarch", "SUSE Linux Enterprise Module for Package Hub 15 SP6:jctools-4.0.5-150200.3.9.1.noarch", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.115-150200.4.26.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-javadoc-4.1.115-150200.4.26.1.noarch", "openSUSE Leap 15.5:jctools-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:jctools-channels-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:jctools-experimental-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:jctools-javadoc-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.aarch64", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.ppc64le", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.s390x", "openSUSE Leap 15.5:netty-4.1.115-150200.4.26.1.x86_64", "openSUSE Leap 15.5:netty-javadoc-4.1.115-150200.4.26.1.noarch", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.s390x", "openSUSE Leap 15.5:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "openSUSE Leap 15.5:netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", "openSUSE Leap 15.6:jctools-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:jctools-channels-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:jctools-experimental-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:jctools-javadoc-4.0.5-150200.3.9.1.noarch", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.aarch64", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.ppc64le", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.s390x", "openSUSE Leap 15.6:netty-4.1.115-150200.4.26.1.x86_64", "openSUSE Leap 15.6:netty-javadoc-4.1.115-150200.4.26.1.noarch", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.aarch64", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.ppc64le", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.s390x", "openSUSE Leap 15.6:netty-tcnative-2.0.69-150200.3.22.1.x86_64", "openSUSE Leap 15.6:netty-tcnative-javadoc-2.0.69-150200.3.22.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-12-23T08:49:34Z", details: "moderate", }, ], title: "CVE-2024-47535", }, ], }
ncsc-2025-0021
Vulnerability from csaf_ncscnl
Notes
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communicatieproducten, waaronder Oracle Communications Unified Assurance, Oracle Communications Cloud Native Core Network Function en Oracle Communications Order and Service Management.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om Denial of Service (DoS) aanvallen uit te voeren of om ongeautoriseerde toegang tot gevoelige gegevens te verkrijgen. Specifieke versies, zoals 24.2.0 en 24.3.0 van de Cloud Native Core Network Function, zijn bijzonder kwetsbaar. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal geprepareerde HTTP-verzoeken te sturen naar het kwetsbare systeem.", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, { category: "general", text: "Always-Incorrect Control Flow Implementation", title: "CWE-670", }, { category: "general", text: "Asymmetric Resource Consumption (Amplification)", title: "CWE-405", }, { category: "general", text: "Path Traversal: '.../...//'", title: "CWE-35", }, { category: "general", text: "Return of Pointer Value Outside of Expected Range", title: "CWE-466", }, { category: "general", text: "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", title: "CWE-338", }, { category: "general", text: "Use of Potentially Dangerous Function", title: "CWE-676", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Multiple Interpretations of UI Input", title: "CWE-450", }, { category: "general", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, { category: "general", text: "Use of Weak Hash", title: "CWE-328", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, { category: "general", text: "Insufficient Granularity of Access Control", title: "CWE-1220", }, { category: "general", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, { category: "general", text: "Acceptance of Extraneous Untrusted Data With Trusted Data", title: "CWE-349", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, { category: "general", text: "Time-of-check Time-of-use (TOCTOU) Race Condition", title: "CWE-367", }, { category: "general", text: "Expected Behavior Violation", title: "CWE-440", }, { category: "general", text: "Double Free", title: "CWE-415", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Improper Enforcement of Message Integrity During Transmission in a Communication Channel", title: "CWE-924", }, { category: "general", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "general", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, { category: "general", text: "Reachable Assertion", title: "CWE-617", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "Use of Password Hash Instead of Password for Authentication", title: "CWE-836", }, { category: "general", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, { category: "general", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, { category: "general", text: "Relative Path Traversal", title: "CWE-23", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, { category: "general", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "User Interface (UI) Misrepresentation of Critical Information", title: "CWE-451", }, { category: "general", text: "UNIX Symbolic Link (Symlink) Following", title: "CWE-61", }, { category: "general", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "general", text: "Use of Hard-coded Credentials", title: "CWE-798", }, { category: "general", text: "Unrestricted Upload of File with Dangerous Type", title: "CWE-434", }, { category: "general", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Uncaught Exception", title: "CWE-248", }, { category: "general", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "general", text: "Incorrect Authorization", title: "CWE-863", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Improper Restriction of XML External Entity Reference", title: "CWE-611", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Privilege Management", title: "CWE-269", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Generation of Error Message Containing Sensitive Information", title: "CWE-209", }, { category: "general", text: "Incorrect Default Permissions", title: "CWE-276", }, { category: "general", text: "Authentication Bypass by Capture-replay", title: "CWE-294", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; nvd; oracle", url: "https://www.oracle.com/security-alerts/cpujan2025.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Communications", tracking: { current_release_date: "2025-01-22T13:30:50.189632Z", id: "NCSC-2025-0021", initial_release_date: "2025-01-22T13:30:50.189632Z", revision_history: [ { date: "2025-01-22T13:30:50.189632Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1727475", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635313", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635305", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635311", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635312", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635323", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670430", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674632", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674630", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635320", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674633", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670439", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635322", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670429", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670435", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670431", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670436", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670432", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635321", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635310", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635318", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674640", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674642", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670434", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635316", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674639", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635314", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674638", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674637", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635307", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635319", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670438", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635324", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635315", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670433", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674641", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674635", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674636", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670437", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674631", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674634", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635308", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635309", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications__10.4.0.4", product: { name: "communications__10.4.0.4", product_id: "CSAFPID-1674629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.2", product: { name: "communications___23.4.2", product_id: "CSAFPID-1670442", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.3", product: { name: "communications___23.4.3", product_id: "CSAFPID-1635325", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.4", product: { name: "communications___23.4.4", product_id: "CSAFPID-1635326", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.5", product: { name: "communications___23.4.5", product_id: "CSAFPID-1674645", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.6", product: { name: "communications___23.4.6", product_id: "CSAFPID-1674646", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___24.2.0", product: { name: "communications___24.2.0", product_id: "CSAFPID-1674644", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___7.2.1.0.0", product: { name: "communications___7.2.1.0.0", product_id: "CSAFPID-1670441", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___8.6.0.6", product: { name: "communications___8.6.0.6", product_id: "CSAFPID-1635327", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___8.6.0.8", product: { name: "communications___8.6.0.8", product_id: "CSAFPID-1635328", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.0.2", product: { name: "communications___9.0.2", product_id: "CSAFPID-1670440", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.0.3", product: { name: "communications___9.0.3", product_id: "CSAFPID-1635329", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.1.1.8.0", product: { name: "communications___9.1.1.8.0", product_id: "CSAFPID-1674643", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751386", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674621", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751381", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751383", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:15.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751378", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751377", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751385", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674618", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674619", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674622", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751384", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674617", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674623", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751382", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.0.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751380", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.1.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751379", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.1.0.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674620", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___12.0.6.0.0", product: { name: "communications_applications___12.0.6.0.0", product_id: "CSAFPID-1674627", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___5.5.22", product: { name: "communications_applications___5.5.22", product_id: "CSAFPID-1674626", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.3", product: { name: "communications_applications___6.0.3", product_id: "CSAFPID-1674628", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.4", product: { name: "communications_applications___6.0.4", product_id: "CSAFPID-1674624", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.5", product: { name: "communications_applications___6.0.5", product_id: "CSAFPID-1674625", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_asap", product: { name: "communications_asap", product_id: "CSAFPID-816792", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-764735", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-1751255", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-1751254", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0-15.0.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-816793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-912557", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-764247", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-1650820", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-912556", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-1751303", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220055", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816766", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1503577", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1751300", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-764237", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1650752", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1673396", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1751085", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1751079", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673526", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673391", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1751253", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-816768", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-816769", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-912085", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1503578", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1673389", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1673390", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1751090", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1673421", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1673420", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1751246", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-816770", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-816771", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-912068", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-1503579", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-816772", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-912076", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-1503580", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-219838", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-611387", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-816773", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912101", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1503581", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1751208", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1751209", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912539", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912540", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912541", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912542", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912543", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816774", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816346", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-912077", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1503322", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1673413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1673415", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1751231", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816775", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-912544", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816348", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-912545", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816347", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-1673494", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-764240", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1650751", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1673517", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1673395", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-912069", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1751225", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1751088", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1751089", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-94291", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-816778", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-614517", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-912547", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1673392", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1503582", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1673393", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1751081", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1751084", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-912546", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-224795", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912548", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912102", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912549", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503583", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503584", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503585", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1672767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1751241", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-764826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-90016", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-912078", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-816349", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-912550", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1503586", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1503587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751238", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751240", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1673399", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751239", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751080", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751082", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-816779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server", product: { name: "communications_converged_application_server", product_id: "CSAFPID-1751229", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server:8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server", product: { name: "communications_converged_application_server", product_id: "CSAFPID-1751230", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_charging_system", product: { name: "communications_converged_charging_system", product_id: "CSAFPID-1503599", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_charging_system", product: { name: "communications_converged_charging_system", product_id: "CSAFPID-1503600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-1751292", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-1751294", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-224793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-1751295", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-816794", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-342793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1650777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1265", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-816350", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1261", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-1672764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1503588", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751104", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-40293", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751237", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751097", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-611413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751211", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-912551", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-912552", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1503316", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1503317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1751243", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:47.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-764242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-819413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-819414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.2.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-816780", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-816781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-816782", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-912553", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-219803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_ip_service_activator", product: { name: "communications_ip_service_activator", product_id: "CSAFPID-204622", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_ip_service_activator", product: { name: "communications_ip_service_activator", product_id: "CSAFPID-219909", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-816351", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-1751218", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_metasolv_solution", product: { name: "communications_metasolv_solution", product_id: "CSAFPID-611595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816353", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816352", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1503589", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1503590", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1673414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816783", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816786", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816784", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816787", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816785", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816788", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-342803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-1650778", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-1266", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-816354", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-204563", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-219776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-765242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-916906", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-1751247", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-1751248", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-93781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-220132", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-912079", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-224790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-221118", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-1673496", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence", product: { name: "communications_performance_intelligence", product_id: "CSAFPID-1503591", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-816789", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-816790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-764738", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-816355", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1503601", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816359", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816358", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816357", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-912558", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1751233", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1503602", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1751234", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816795", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816796", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816797", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503592", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503593", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1672762", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503594", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-342804", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-819415", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-819416", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-816791", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-240600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673382", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1650731", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673530", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1751235", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.1-6.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1751296", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4-6.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-764739", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-8984", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204510", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204569", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-219826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-912073", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503596", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503597", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503598", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1751217", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-912080", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1673481", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1751258", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-912554", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2022-41727", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2022-41727", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41727.json", }, ], title: "CVE-2022-41727", }, { cve: "CVE-2023-4408", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-4408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4408.json", }, ], title: "CVE-2023-4408", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "other", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2023-5678", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json", }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-5981", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, ], product_status: { known_affected: [ "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751217", "CSAFPID-1673481", ], }, references: [ { category: "self", summary: "CVE-2023-5981", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5981.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751217", "CSAFPID-1673481", ], }, ], title: "CVE-2023-5981", }, { cve: "CVE-2023-6597", cwe: { id: "CWE-61", name: "UNIX Symbolic Link (Symlink) Following", }, notes: [ { category: "other", text: "UNIX Symbolic Link (Symlink) Following", title: "CWE-61", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751097", ], }, references: [ { category: "self", summary: "CVE-2023-6597", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751097", ], }, ], title: "CVE-2023-6597", }, { cve: "CVE-2023-7256", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "other", text: "Double Free", title: "CWE-415", }, ], product_status: { known_affected: [ "CSAFPID-220132", "CSAFPID-1751084", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2023-7256", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7256.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220132", "CSAFPID-1751084", "CSAFPID-912079", ], }, ], title: "CVE-2023-7256", }, { cve: "CVE-2023-29407", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "other", text: "Excessive Iteration", title: "CWE-834", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2023-29407", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29407.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", ], }, ], title: "CVE-2023-29407", }, { cve: "CVE-2023-29408", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2023-29408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29408.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2023-29408", }, { cve: "CVE-2023-40577", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1751208", "CSAFPID-1751209", ], }, references: [ { category: "self", summary: "CVE-2023-40577", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-40577.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1751208", "CSAFPID-1751209", ], }, ], title: "CVE-2023-40577", }, { cve: "CVE-2023-46218", cwe: { id: "CWE-201", name: "Insertion of Sensitive Information Into Sent Data", }, notes: [ { category: "other", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1751211", ], }, references: [ { category: "self", summary: "CVE-2023-46218", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46218.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1751211", ], }, ], title: "CVE-2023-46218", }, { cve: "CVE-2023-46219", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1751211", ], }, references: [ { category: "self", summary: "CVE-2023-46219", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46219.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1751211", ], }, ], title: "CVE-2023-46219", }, { cve: "CVE-2023-46604", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-94291", "CSAFPID-40293", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-219826", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-204622", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-224793", "CSAFPID-240600", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-614517", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1751104", ], }, references: [ { category: "self", summary: "CVE-2023-46604", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46604.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-94291", "CSAFPID-40293", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-219826", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-204622", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-224793", "CSAFPID-240600", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-614517", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1751104", ], }, ], title: "CVE-2023-46604", }, { cve: "CVE-2023-50868", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-50868", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50868.json", }, ], title: "CVE-2023-50868", }, { cve: "CVE-2024-0232", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1650777", "CSAFPID-1650778", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751218", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-0232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json", }, ], title: "CVE-2024-0232", }, { cve: "CVE-2024-0397", product_status: { known_affected: [ "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-0397", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0397.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", ], }, ], title: "CVE-2024-0397", }, { cve: "CVE-2024-0450", cwe: { id: "CWE-450", name: "Multiple Interpretations of UI Input", }, notes: [ { category: "other", text: "Multiple Interpretations of UI Input", title: "CWE-450", }, { category: "other", text: "Asymmetric Resource Consumption (Amplification)", title: "CWE-405", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751097", ], }, references: [ { category: "self", summary: "CVE-2024-0450", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751097", ], }, ], title: "CVE-2024-0450", }, { cve: "CVE-2024-1442", cwe: { id: "CWE-269", name: "Improper Privilege Management", }, notes: [ { category: "other", text: "Improper Privilege Management", title: "CWE-269", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-1442", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1442.json", }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-1442", }, { cve: "CVE-2024-2961", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1672762", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1673396", "CSAFPID-1673395", "CSAFPID-1673494", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751097", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-2961", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2961.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1672762", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1673396", "CSAFPID-1673395", "CSAFPID-1673494", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751097", "CSAFPID-1751237", ], }, ], title: "CVE-2024-2961", }, { cve: "CVE-2024-3596", cwe: { id: "CWE-924", name: "Improper Enforcement of Message Integrity During Transmission in a Communication Channel", }, notes: [ { category: "other", text: "Improper Enforcement of Message Integrity During Transmission in a Communication Channel", title: "CWE-924", }, { category: "other", text: "Use of Weak Hash", title: "CWE-328", }, { category: "other", text: "Authentication Bypass by Capture-replay", title: "CWE-294", }, { category: "other", text: "Use of Password Hash Instead of Password for Authentication", title: "CWE-836", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "other", text: "User Interface (UI) Misrepresentation of Critical Information", title: "CWE-451", }, { category: "other", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, ], product_status: { known_affected: [ "CSAFPID-1751090", "CSAFPID-912079", "CSAFPID-220132", "CSAFPID-1751253", ], }, references: [ { category: "self", summary: "CVE-2024-3596", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-3596.json", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751090", "CSAFPID-912079", "CSAFPID-220132", "CSAFPID-1751253", ], }, ], title: "CVE-2024-3596", }, { cve: "CVE-2024-4030", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "other", text: "Incorrect Default Permissions", title: "CWE-276", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-4030", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4030.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", ], }, ], title: "CVE-2024-4030", }, { cve: "CVE-2024-4032", cwe: { id: "CWE-440", name: "Expected Behavior Violation", }, notes: [ { category: "other", text: "Expected Behavior Violation", title: "CWE-440", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-4032", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4032.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673530", ], }, ], title: "CVE-2024-4032", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, ], product_status: { known_affected: [ "CSAFPID-1751090", "CSAFPID-1751253", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751090", "CSAFPID-1751253", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-6119", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1751209", ], }, references: [ { category: "self", summary: "CVE-2024-6119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751209", ], }, ], title: "CVE-2024-6119", }, { cve: "CVE-2024-6162", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751303", "CSAFPID-1650820", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-6162", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751303", "CSAFPID-1650820", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-6162", }, { cve: "CVE-2024-6232", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-6232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", ], }, ], title: "CVE-2024-6232", }, { cve: "CVE-2024-7254", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751233", "CSAFPID-1673530", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-7254", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751233", "CSAFPID-1673530", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-7254", }, { cve: "CVE-2024-7592", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-7592", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-7592", }, { cve: "CVE-2024-7885", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, ], product_status: { known_affected: [ "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1751080", "CSAFPID-1751090", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, references: [ { category: "self", summary: "CVE-2024-7885", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7885.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1751080", "CSAFPID-1751090", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, ], title: "CVE-2024-7885", }, { cve: "CVE-2024-8006", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-220132", "CSAFPID-1751084", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2024-8006", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8006.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220132", "CSAFPID-1751084", "CSAFPID-912079", ], }, ], title: "CVE-2024-8006", }, { cve: "CVE-2024-9143", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1751253", ], }, references: [ { category: "self", summary: "CVE-2024-9143", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json", }, ], title: "CVE-2024-9143", }, { cve: "CVE-2024-22195", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-22195", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22195.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751085", ], }, ], title: "CVE-2024-22195", }, { cve: "CVE-2024-24786", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-24786", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24786.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-24786", }, { cve: "CVE-2024-24791", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1751208", "CSAFPID-1751209", ], }, references: [ { category: "self", summary: "CVE-2024-24791", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24791.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751208", "CSAFPID-1751209", ], }, ], title: "CVE-2024-24791", }, { cve: "CVE-2024-25638", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "other", text: "Acceptance of Extraneous Untrusted Data With Trusted Data", title: "CWE-349", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751229", "CSAFPID-1751230", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, references: [ { category: "self", summary: "CVE-2024-25638", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json", }, ], scores: [ { cvss_v3: { baseScore: 8.9, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751229", "CSAFPID-1751230", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, ], title: "CVE-2024-25638", }, { cve: "CVE-2024-25710", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912101", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-912102", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1727475", "CSAFPID-1751218", ], }, references: [ { category: "self", summary: "CVE-2024-25710", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912101", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-912102", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1727475", "CSAFPID-1751218", ], }, ], title: "CVE-2024-25710", }, { cve: "CVE-2024-26308", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1727475", "CSAFPID-1751218", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-26308", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1727475", "CSAFPID-1751218", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-26308", }, { cve: "CVE-2024-27309", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Incorrect Authorization", title: "CWE-863", }, ], product_status: { known_affected: [ "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-27309", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27309.json", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-27309", }, { cve: "CVE-2024-28219", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "other", text: "Use of Potentially Dangerous Function", title: "CWE-676", }, { category: "other", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, ], product_status: { known_affected: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1751085", "CSAFPID-912547", ], }, references: [ { category: "self", summary: "CVE-2024-28219", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1751085", "CSAFPID-912547", ], }, ], title: "CVE-2024-28219", }, { cve: "CVE-2024-28834", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, ], product_status: { known_affected: [ "CSAFPID-1673481", "CSAFPID-1751217", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-28834", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28834.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673481", "CSAFPID-1751217", "CSAFPID-1503590", ], }, ], title: "CVE-2024-28834", }, { cve: "CVE-2024-28835", cwe: { id: "CWE-248", name: "Uncaught Exception", }, notes: [ { category: "other", text: "Uncaught Exception", title: "CWE-248", }, ], product_status: { known_affected: [ "CSAFPID-1673481", "CSAFPID-1751217", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-28835", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28835.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673481", "CSAFPID-1751217", "CSAFPID-1503590", ], }, ], title: "CVE-2024-28835", }, { cve: "CVE-2024-28849", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751235", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-28849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751235", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-28849", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673494", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751233", "CSAFPID-1751218", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673494", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751233", "CSAFPID-1751218", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-29131", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-29131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", ], }, ], title: "CVE-2024-29131", }, { cve: "CVE-2024-29133", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-29133", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-29133", }, { cve: "CVE-2024-33599", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-33599", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33599.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, ], title: "CVE-2024-33599", }, { cve: "CVE-2024-33600", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-33600", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33600.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, ], title: "CVE-2024-33600", }, { cve: "CVE-2024-33601", cwe: { id: "CWE-703", name: "Improper Check or Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, { category: "other", text: "Reachable Assertion", title: "CWE-617", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-33601", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33601.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, ], title: "CVE-2024-33601", }, { cve: "CVE-2024-33602", cwe: { id: "CWE-466", name: "Return of Pointer Value Outside of Expected Range", }, notes: [ { category: "other", text: "Return of Pointer Value Outside of Expected Range", title: "CWE-466", }, { category: "other", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-33602", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751237", ], }, ], title: "CVE-2024-33602", }, { cve: "CVE-2024-34064", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751238", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751239", "CSAFPID-1751082", "CSAFPID-1751240", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-1673481", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-34064", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751238", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751239", "CSAFPID-1751082", "CSAFPID-1751240", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-1673481", "CSAFPID-1751085", ], }, ], title: "CVE-2024-34064", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673481", "CSAFPID-1503596", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751242", "CSAFPID-1751243", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673481", "CSAFPID-1503596", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751242", "CSAFPID-1751243", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751085", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-35195", cwe: { id: "CWE-670", name: "Always-Incorrect Control Flow Implementation", }, notes: [ { category: "other", text: "Always-Incorrect Control Flow Implementation", title: "CWE-670", }, ], product_status: { known_affected: [ "CSAFPID-1751246", "CSAFPID-1751247", "CSAFPID-1751248", "CSAFPID-1673530", "CSAFPID-1673393", "CSAFPID-1751239", "CSAFPID-220132", "CSAFPID-1751082", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-912079", "CSAFPID-916906", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-35195", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1751246", "CSAFPID-1751247", "CSAFPID-1751248", "CSAFPID-1673530", "CSAFPID-1673393", "CSAFPID-1751239", "CSAFPID-220132", "CSAFPID-1751082", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-912079", "CSAFPID-916906", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-35195", }, { cve: "CVE-2024-37370", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1751237", "CSAFPID-1751254", "CSAFPID-1751217", "CSAFPID-1673481", "CSAFPID-1751255", ], }, references: [ { category: "self", summary: "CVE-2024-37370", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1751237", "CSAFPID-1751254", "CSAFPID-1751217", "CSAFPID-1673481", "CSAFPID-1751255", ], }, ], title: "CVE-2024-37370", }, { cve: "CVE-2024-37371", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751237", "CSAFPID-1751254", "CSAFPID-1751217", "CSAFPID-1673481", "CSAFPID-1751255", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-37371", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751237", "CSAFPID-1751254", "CSAFPID-1751217", "CSAFPID-1673481", "CSAFPID-1751255", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-37371", }, { cve: "CVE-2024-37891", cwe: { id: "CWE-669", name: "Incorrect Resource Transfer Between Spheres", }, notes: [ { category: "other", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751254", "CSAFPID-1673530", "CSAFPID-1751217", "CSAFPID-1751255", "CSAFPID-816790", "CSAFPID-1751258", "CSAFPID-1673481", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-37891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751254", "CSAFPID-1673530", "CSAFPID-1751217", "CSAFPID-1751255", "CSAFPID-816790", "CSAFPID-1751258", "CSAFPID-1673481", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-37891", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "other", text: "Path Traversal: '.../...//'", title: "CWE-35", }, { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Use of Hard-coded Credentials", title: "CWE-798", }, { category: "other", text: "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", title: "CWE-338", }, ], references: [ { category: "self", summary: "CVE-2024-38475", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json", }, ], title: "CVE-2024-38475", }, { cve: "CVE-2024-38807", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "other", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, ], product_status: { known_affected: [ "CSAFPID-1751090", "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-38807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38807.json", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1751090", "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-38807", }, { cve: "CVE-2024-38809", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673393", ], }, references: [ { category: "self", summary: "CVE-2024-38809", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json", }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-1673393", ], }, ], title: "CVE-2024-38809", }, { cve: "CVE-2024-38816", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "other", text: "Relative Path Traversal", title: "CWE-23", }, ], product_status: { known_affected: [ "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751079", "CSAFPID-1751080", "CSAFPID-1751084", "CSAFPID-1751085", "CSAFPID-1751082", "CSAFPID-1751225", ], }, references: [ { category: "self", summary: "CVE-2024-38816", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751079", "CSAFPID-1751080", "CSAFPID-1751084", "CSAFPID-1751085", "CSAFPID-1751082", "CSAFPID-1751225", ], }, ], title: "CVE-2024-38816", }, { cve: "CVE-2024-38819", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-1673393", "CSAFPID-1751079", "CSAFPID-1751080", "CSAFPID-1751081", "CSAFPID-1751082", "CSAFPID-1751084", "CSAFPID-1751085", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751241", ], }, references: [ { category: "self", summary: "CVE-2024-38819", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673393", "CSAFPID-1751079", "CSAFPID-1751080", "CSAFPID-1751081", "CSAFPID-1751082", "CSAFPID-1751084", "CSAFPID-1751085", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751241", ], }, ], title: "CVE-2024-38819", }, { cve: "CVE-2024-38820", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, ], product_status: { known_affected: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751080", "CSAFPID-1751082", "CSAFPID-1751085", "CSAFPID-1672767", "CSAFPID-1751241", ], }, references: [ { category: "self", summary: "CVE-2024-38820", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751080", "CSAFPID-1751082", "CSAFPID-1751085", "CSAFPID-1672767", "CSAFPID-1751241", ], }, ], title: "CVE-2024-38820", }, { cve: "CVE-2024-38827", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, notes: [ { category: "other", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-38827", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json", }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-38827", }, { cve: "CVE-2024-38998", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-912073", "CSAFPID-1751254", "CSAFPID-1751079", "CSAFPID-1751242", "CSAFPID-1751234", "CSAFPID-1673496", "CSAFPID-1751233", "CSAFPID-1751255", "CSAFPID-1673481", "CSAFPID-1751085", "CSAFPID-220132", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2024-38998", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-912073", "CSAFPID-1751254", "CSAFPID-1751079", "CSAFPID-1751242", "CSAFPID-1751234", "CSAFPID-1673496", "CSAFPID-1751233", "CSAFPID-1751255", "CSAFPID-1673481", "CSAFPID-1751085", "CSAFPID-220132", "CSAFPID-912079", ], }, ], title: "CVE-2024-38998", }, { cve: "CVE-2024-38999", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-912073", "CSAFPID-1751254", "CSAFPID-1751079", "CSAFPID-1751242", "CSAFPID-1751234", "CSAFPID-1673496", "CSAFPID-1751233", "CSAFPID-1751255", "CSAFPID-1673481", "CSAFPID-1751085", "CSAFPID-220132", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2024-38999", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-912073", "CSAFPID-1751254", "CSAFPID-1751079", "CSAFPID-1751242", "CSAFPID-1751234", "CSAFPID-1673496", "CSAFPID-1751233", "CSAFPID-1751255", "CSAFPID-1673481", "CSAFPID-1751085", "CSAFPID-220132", "CSAFPID-912079", ], }, ], title: "CVE-2024-38999", }, { cve: "CVE-2024-41817", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220132", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2024-41817", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220132", "CSAFPID-912079", ], }, ], title: "CVE-2024-41817", }, { cve: "CVE-2024-45490", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, { category: "other", text: "Improper Restriction of XML External Entity Reference", title: "CWE-611", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1673414", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-45490", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1673414", "CSAFPID-1503590", ], }, ], title: "CVE-2024-45490", }, { cve: "CVE-2024-45491", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1673414", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-45491", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1673414", "CSAFPID-1503590", ], }, ], title: "CVE-2024-45491", }, { cve: "CVE-2024-45492", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1673414", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-45492", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1673414", "CSAFPID-1503590", ], }, ], title: "CVE-2024-45492", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-47535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47535.json", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-47535", }, { cve: "CVE-2024-47554", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1751292", "CSAFPID-1751234", "CSAFPID-1751294", "CSAFPID-1751233", "CSAFPID-1751295", "CSAFPID-1751296", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-47554", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751292", "CSAFPID-1751234", "CSAFPID-1751294", "CSAFPID-1751233", "CSAFPID-1751295", "CSAFPID-1751296", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-47554", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1751296", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-47561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751296", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-47561", }, { cve: "CVE-2024-47803", cwe: { id: "CWE-209", name: "Generation of Error Message Containing Sensitive Information", }, notes: [ { category: "other", text: "Generation of Error Message Containing Sensitive Information", title: "CWE-209", }, ], product_status: { known_affected: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751300", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-47803", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47803.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751300", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", ], }, ], title: "CVE-2024-47803", }, { cve: "CVE-2024-47804", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "other", text: "Incorrect Authorization", title: "CWE-863", }, { category: "other", text: "Insufficient Granularity of Access Control", title: "CWE-1220", }, { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1672767", "CSAFPID-1751300", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-47804", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47804.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1672767", "CSAFPID-1751300", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", ], }, ], title: "CVE-2024-47804", }, { cve: "CVE-2024-49766", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-1751208", "CSAFPID-1751246", "CSAFPID-1751209", ], }, references: [ { category: "self", summary: "CVE-2024-49766", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49766.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751208", "CSAFPID-1751246", "CSAFPID-1751209", ], }, ], title: "CVE-2024-49766", }, { cve: "CVE-2024-49767", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1751208", "CSAFPID-1751080", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751082", "CSAFPID-1751300", "CSAFPID-1751246", "CSAFPID-1751209", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, references: [ { category: "self", summary: "CVE-2024-49767", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49767.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751208", "CSAFPID-1751080", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751082", "CSAFPID-1751300", "CSAFPID-1751246", "CSAFPID-1751209", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, ], title: "CVE-2024-49767", }, { cve: "CVE-2024-50379", cwe: { id: "CWE-367", name: "Time-of-check Time-of-use (TOCTOU) Race Condition", }, notes: [ { category: "other", text: "Time-of-check Time-of-use (TOCTOU) Race Condition", title: "CWE-367", }, ], product_status: { known_affected: [ "CSAFPID-816790", ], }, references: [ { category: "self", summary: "CVE-2024-50379", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50379.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816790", ], }, ], title: "CVE-2024-50379", }, { cve: "CVE-2024-50602", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751082", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-50602", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50602.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751082", "CSAFPID-1751085", ], }, ], title: "CVE-2024-50602", }, { cve: "CVE-2024-53677", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "other", text: "Unrestricted Upload of File with Dangerous Type", title: "CWE-434", }, { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, ], product_status: { known_affected: [ "CSAFPID-816790", ], }, references: [ { category: "self", summary: "CVE-2024-53677", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53677.json", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816790", ], }, ], title: "CVE-2024-53677", }, { cve: "CVE-2024-54677", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-816790", ], }, references: [ { category: "self", summary: "CVE-2024-54677", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54677.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816790", ], }, ], title: "CVE-2024-54677", }, { cve: "CVE-2024-56337", cwe: { id: "CWE-367", name: "Time-of-check Time-of-use (TOCTOU) Race Condition", }, notes: [ { category: "other", text: "Time-of-check Time-of-use (TOCTOU) Race Condition", title: "CWE-367", }, ], product_status: { known_affected: [ "CSAFPID-816790", ], }, references: [ { category: "self", summary: "CVE-2024-56337", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816790", ], }, ], title: "CVE-2024-56337", }, { cve: "CVE-2025-21542", product_status: { known_affected: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2025-21542", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21542.json", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2025-21542", }, { cve: "CVE-2025-21544", product_status: { known_affected: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2025-21544", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21544.json", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2025-21544", }, { cve: "CVE-2025-21554", product_status: { known_affected: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2025-21554", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21554.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2025-21554", }, ], }
ghsa-xq3w-v528-46rv
Vulnerability from github
5.4 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
Summary
An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attemps to load a file that does not exist. If an attacker creates such a large file, the Netty application crash.
Details
When the library netty is loaded in a java windows application, the library tries to identify the system environnement in which it is executed.
At this stage, Netty tries to load both /etc/os-release
and /usr/lib/os-release
even though it is in a Windows environment.
If netty finds this files, it reads them and loads them into memory.
By default :
- The JVM maximum memory size is set to 1 GB,
- A non-privileged user can create a directory at
C:\
and create files within it.
the source code identified : https://github.com/netty/netty/blob/4.1/common/src/main/java/io/netty/util/internal/PlatformDependent.java
Despite the implementation of the function normalizeOs()
the source code not verify the OS before reading C:\etc\os-release
and C:\usr\lib\os-release
.
PoC
Create a file larger than 1 GB of data in C:\etc\os-release
or C:\usr\lib\os-release
on a Windows environnement and start your Netty application.
To observe what the application does with the file, the security analyst used "Process Monitor" from the "Windows SysInternals" suite. (https://learn.microsoft.com/en-us/sysinternals/)
cd C:\etc
fsutil file createnew os-release 3000000000
The source code used is the Netty website code example : Echo ‐ the very basic client and server.
The vulnerability was tested on the 4.1.112.Final version.
The security analyst tried the same technique for C:\proc\sys\net\core\somaxconn
with a lot of values to impact Netty but the only things that works is the "larger than 1 GB file" technique. https://github.com/netty/netty/blob/c0fdb8e9f8f256990e902fcfffbbe10754d0f3dd/common/src/main/java/io/netty/util/NetUtil.java#L186
Impact
By loading the "file larger than 1 GB" into the memory, the Netty library exceeds the JVM memory limit and causes a crash in the java Windows application.
This behaviour occurs 100% of the time in both Server mode and Client mode if the large file exists.
Client mode :
Server mode :
somaxconn :
Severity
- Attack vector : "Local" because the attacker needs to be on the system where the Netty application is running.
- Attack complexity : "Low" because the attacker only need to create a massive file (regardless of its contents).
- Privileges required : "Low" because the attacker requires a user account to exploit the vulnerability.
- User intercation : "None" because the administrator don't need to accidentally click anywhere to trigger the vulnerability. Furthermore, the exploitation works with defaults windows/AD settings.
- Scope : "Unchanged" because only Netty is affected by the vulnerability.
- Confidentiality : "None" because no data is exposed through exploiting the vulnerability.
- Integrity : "None" because the explotation of the vulnerability does not allow editing, deleting or adding data elsewhere.
- Availability : "High" because the exploitation of this vulnerability crashes the entire java application.
{ affected: [ { database_specific: { last_known_affected_version_range: "<= 4.1.114.Final", }, package: { ecosystem: "Maven", name: "io.netty:netty-common", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "4.1.115.Final", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2024-47535", ], database_specific: { cwe_ids: [ "CWE-400", ], github_reviewed: true, github_reviewed_at: "2024-11-12T19:53:17Z", nvd_published_at: "2024-11-12T16:15:22Z", severity: "MODERATE", }, details: "### Summary\n\nAn unsafe reading of environment file could potentially cause a denial of service in Netty.\nWhen loaded on an Windows application, Netty attemps to load a file that does not exist. If an attacker creates such a large file, the Netty application crash.\n\n\n### Details\n\nWhen the library netty is loaded in a java windows application, the library tries to identify the system environnement in which it is executed.\n\nAt this stage, Netty tries to load both `/etc/os-release` and `/usr/lib/os-release` even though it is in a Windows environment. \n\n<img width=\"364\" alt=\"1\" src=\"https://github.com/user-attachments/assets/9466b181-9394-45a3-b0e3-1dcf105def59\">\n\nIf netty finds this files, it reads them and loads them into memory.\n\nBy default :\n\n- The JVM maximum memory size is set to 1 GB,\n- A non-privileged user can create a directory at `C:\\` and create files within it.\n\n<img width=\"340\" alt=\"2\" src=\"https://github.com/user-attachments/assets/43b359a2-5871-4592-ae2b-ffc40ac76831\">\n\n<img width=\"523\" alt=\"3\" src=\"https://github.com/user-attachments/assets/ad5c6eed-451c-4513-92d5-ba0eee7715c1\">\n\nthe source code identified :\nhttps://github.com/netty/netty/blob/4.1/common/src/main/java/io/netty/util/internal/PlatformDependent.java\n\nDespite the implementation of the function `normalizeOs()` the source code not verify the OS before reading `C:\\etc\\os-release` and `C:\\usr\\lib\\os-release`.\n\n### PoC\n\nCreate a file larger than 1 GB of data in `C:\\etc\\os-release` or `C:\\usr\\lib\\os-release` on a Windows environnement and start your Netty application.\n\nTo observe what the application does with the file, the security analyst used \"Process Monitor\" from the \"Windows SysInternals\" suite. (https://learn.microsoft.com/en-us/sysinternals/)\n\n```\ncd C:\\etc\nfsutil file createnew os-release 3000000000\n```\n\n<img width=\"519\" alt=\"4\" src=\"https://github.com/user-attachments/assets/39df22a3-462b-4fd0-af9a-aa30077ec08f\">\n\n<img width=\"517\" alt=\"5\" src=\"https://github.com/user-attachments/assets/129dbd50-fc36-4da5-8eb1-582123fb528f\">\n\nThe source code used is the Netty website code example : [Echo ‐ the very basic client and server](https://netty.io/4.1/xref/io/netty/example/echo/package-summary.html).\n\nThe vulnerability was tested on the 4.1.112.Final version.\n\nThe security analyst tried the same technique for `C:\\proc\\sys\\net\\core\\somaxconn` with a lot of values to impact Netty but the only things that works is the \"larger than 1 GB file\" technique. https://github.com/netty/netty/blob/c0fdb8e9f8f256990e902fcfffbbe10754d0f3dd/common/src/main/java/io/netty/util/NetUtil.java#L186\n\n### Impact\n\nBy loading the \"file larger than 1 GB\" into the memory, the Netty library exceeds the JVM memory limit and causes a crash in the java Windows application.\n\nThis behaviour occurs 100% of the time in both Server mode and Client mode if the large file exists.\n\nClient mode :\n\n<img width=\"449\" alt=\"6\" src=\"https://github.com/user-attachments/assets/f8fe1ed0-1a42-4490-b9ed-dbc9af7804be\">\n\nServer mode :\n\n<img width=\"464\" alt=\"7\" src=\"https://github.com/user-attachments/assets/b34b42bd-4fbd-4170-b93a-d29ba87b88eb\">\n\nsomaxconn :\n\n<img width=\"532\" alt=\"8\" src=\"https://github.com/user-attachments/assets/0656b3bb-32c6-4ae2-bff7-d93babba08a3\">\n\n### Severity\n\n- Attack vector : \"Local\" because the attacker needs to be on the system where the Netty application is running.\n- Attack complexity : \"Low\" because the attacker only need to create a massive file (regardless of its contents).\n- Privileges required : \"Low\" because the attacker requires a user account to exploit the vulnerability.\n- User intercation : \"None\" because the administrator don't need to accidentally click anywhere to trigger the vulnerability. Furthermore, the exploitation works with defaults windows/AD settings.\n- Scope : \"Unchanged\" because only Netty is affected by the vulnerability.\n- Confidentiality : \"None\" because no data is exposed through exploiting the vulnerability.\n- Integrity : \"None\" because the explotation of the vulnerability does not allow editing, deleting or adding data elsewhere.\n- Availability : \"High\" because the exploitation of this vulnerability crashes the entire java application.", id: "GHSA-xq3w-v528-46rv", modified: "2025-02-18T15:57:45Z", published: "2024-11-12T19:53:17Z", references: [ { type: "WEB", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { type: "WEB", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { type: "PACKAGE", url: "https://github.com/netty/netty", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, { score: "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P", type: "CVSS_V4", }, ], summary: "Denial of Service attack on windows app using netty", }
fkie_cve-2024-47535
Vulnerability from fkie_nvd
Vendor | Product | Version |
---|
{ cveTags: [], descriptions: [ { lang: "en", value: "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.", }, { lang: "es", value: "Netty es un framework de trabajo de aplicación de red asincrónico controlado por eventos para el desarrollo rápido de servidores y clientes de protocolo de alto rendimiento y mantenibles. Una lectura no segura de un archivo de entorno podría provocar una denegación de servicio en Netty. Cuando se carga en una aplicación de Windows, Netty intenta cargar un archivo que no existe. Si un atacante crea un archivo tan grande, la aplicación Netty se bloquea. Esta vulnerabilidad se corrigió en 4.1.115.", }, ], id: "CVE-2024-47535", lastModified: "2024-11-13T17:01:58.603", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, ], }, published: "2024-11-12T16:15:22.237", references: [ { source: "security-advisories@github.com", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { source: "security-advisories@github.com", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "security-advisories@github.com", type: "Secondary", }, ], }
opensuse-su-2024:14549-1
Vulnerability from csaf_opensuse
Notes
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "netty-4.1.115-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the netty-4.1.115-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-14549", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14549-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2024:14549-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/N6JPLRXAKIADZN6EBOT2IKFSY32LAPDI/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2024:14549-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/N6JPLRXAKIADZN6EBOT2IKFSY32LAPDI/", }, { category: "self", summary: "SUSE CVE CVE-2024-47535 page", url: "https://www.suse.com/security/cve/CVE-2024-47535/", }, ], title: "netty-4.1.115-1.1 on GA media", tracking: { current_release_date: "2024-12-05T00:00:00Z", generator: { date: "2024-12-05T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:14549-1", initial_release_date: "2024-12-05T00:00:00Z", revision_history: [ { date: "2024-12-05T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "netty-4.1.115-1.1.aarch64", product: { name: "netty-4.1.115-1.1.aarch64", product_id: "netty-4.1.115-1.1.aarch64", }, }, { category: "product_version", name: "netty-bom-4.1.115-1.1.aarch64", product: { name: "netty-bom-4.1.115-1.1.aarch64", product_id: "netty-bom-4.1.115-1.1.aarch64", }, }, { category: "product_version", name: "netty-javadoc-4.1.115-1.1.aarch64", product: { name: "netty-javadoc-4.1.115-1.1.aarch64", product_id: "netty-javadoc-4.1.115-1.1.aarch64", }, }, { category: "product_version", name: "netty-parent-4.1.115-1.1.aarch64", product: { name: "netty-parent-4.1.115-1.1.aarch64", product_id: "netty-parent-4.1.115-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "netty-4.1.115-1.1.ppc64le", product: { name: "netty-4.1.115-1.1.ppc64le", product_id: "netty-4.1.115-1.1.ppc64le", }, }, { category: "product_version", name: "netty-bom-4.1.115-1.1.ppc64le", product: { name: "netty-bom-4.1.115-1.1.ppc64le", product_id: "netty-bom-4.1.115-1.1.ppc64le", }, }, { category: "product_version", name: "netty-javadoc-4.1.115-1.1.ppc64le", product: { name: "netty-javadoc-4.1.115-1.1.ppc64le", product_id: "netty-javadoc-4.1.115-1.1.ppc64le", }, }, { category: "product_version", name: "netty-parent-4.1.115-1.1.ppc64le", product: { name: "netty-parent-4.1.115-1.1.ppc64le", product_id: "netty-parent-4.1.115-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "netty-4.1.115-1.1.s390x", product: { name: "netty-4.1.115-1.1.s390x", product_id: "netty-4.1.115-1.1.s390x", }, }, { category: "product_version", name: "netty-bom-4.1.115-1.1.s390x", product: { name: "netty-bom-4.1.115-1.1.s390x", product_id: "netty-bom-4.1.115-1.1.s390x", }, }, { category: "product_version", name: "netty-javadoc-4.1.115-1.1.s390x", product: { name: "netty-javadoc-4.1.115-1.1.s390x", product_id: "netty-javadoc-4.1.115-1.1.s390x", }, }, { category: "product_version", name: "netty-parent-4.1.115-1.1.s390x", product: { name: "netty-parent-4.1.115-1.1.s390x", product_id: "netty-parent-4.1.115-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "netty-4.1.115-1.1.x86_64", product: { name: "netty-4.1.115-1.1.x86_64", product_id: "netty-4.1.115-1.1.x86_64", }, }, { category: "product_version", name: "netty-bom-4.1.115-1.1.x86_64", product: { name: "netty-bom-4.1.115-1.1.x86_64", product_id: "netty-bom-4.1.115-1.1.x86_64", }, }, { category: "product_version", name: "netty-javadoc-4.1.115-1.1.x86_64", product: { name: "netty-javadoc-4.1.115-1.1.x86_64", product_id: "netty-javadoc-4.1.115-1.1.x86_64", }, }, { category: "product_version", name: "netty-parent-4.1.115-1.1.x86_64", product: { name: "netty-parent-4.1.115-1.1.x86_64", product_id: "netty-parent-4.1.115-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "netty-4.1.115-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-4.1.115-1.1.aarch64", }, product_reference: "netty-4.1.115-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-4.1.115-1.1.ppc64le", }, product_reference: "netty-4.1.115-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-4.1.115-1.1.s390x", }, product_reference: "netty-4.1.115-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-4.1.115-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-4.1.115-1.1.x86_64", }, product_reference: "netty-4.1.115-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-bom-4.1.115-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.aarch64", }, product_reference: "netty-bom-4.1.115-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-bom-4.1.115-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.ppc64le", }, product_reference: "netty-bom-4.1.115-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-bom-4.1.115-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.s390x", }, product_reference: "netty-bom-4.1.115-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-bom-4.1.115-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.x86_64", }, product_reference: "netty-bom-4.1.115-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-javadoc-4.1.115-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.aarch64", }, product_reference: "netty-javadoc-4.1.115-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-javadoc-4.1.115-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.ppc64le", }, product_reference: "netty-javadoc-4.1.115-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-javadoc-4.1.115-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.s390x", }, product_reference: "netty-javadoc-4.1.115-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-javadoc-4.1.115-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.x86_64", }, product_reference: "netty-javadoc-4.1.115-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-parent-4.1.115-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.aarch64", }, product_reference: "netty-parent-4.1.115-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-parent-4.1.115-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.ppc64le", }, product_reference: "netty-parent-4.1.115-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-parent-4.1.115-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.s390x", }, product_reference: "netty-parent-4.1.115-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "netty-parent-4.1.115-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.x86_64", }, product_reference: "netty-parent-4.1.115-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2024-47535", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47535", }, ], notes: [ { category: "general", text: "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:netty-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-4.1.115-1.1.x86_64", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.x86_64", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.x86_64", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47535", url: "https://www.suse.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "SUSE Bug 1233297 for CVE-2024-47535", url: "https://bugzilla.suse.com/1233297", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:netty-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-4.1.115-1.1.x86_64", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.x86_64", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.x86_64", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:netty-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-4.1.115-1.1.x86_64", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-bom-4.1.115-1.1.x86_64", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-javadoc-4.1.115-1.1.x86_64", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.aarch64", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.ppc64le", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.s390x", "openSUSE Tumbleweed:netty-parent-4.1.115-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-05T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47535", }, ], }
Log in or create an account to share your comment.
This schema specifies the format of a comment related to a security advisory.
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.