Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-47535
Vulnerability from cvelistv5
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:netty:netty:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "netty", vendor: "netty", versions: [ { lessThan: "4.1.115", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-47535", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T20:43:58.714521Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T20:44:41.743Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "netty", vendor: "netty", versions: [ { status: "affected", version: "< 4.1.115", }, ], }, ], descriptions: [ { lang: "en", value: "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T15:50:08.334Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, { name: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", tags: [ "x_refsource_MISC", ], url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, ], source: { advisory: "GHSA-xq3w-v528-46rv", discovery: "UNKNOWN", }, title: "Denial of Service attack on windows app using Netty", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-47535", datePublished: "2024-11-12T15:50:08.334Z", dateReserved: "2024-09-25T21:46:10.929Z", dateUpdated: "2024-11-13T20:44:41.743Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2024-47535\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-11-12T16:15:22.237\",\"lastModified\":\"2024-11-13T17:01:58.603\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.\"},{\"lang\":\"es\",\"value\":\"Netty es un framework de trabajo de aplicación de red asincrónico controlado por eventos para el desarrollo rápido de servidores y clientes de protocolo de alto rendimiento y mantenibles. Una lectura no segura de un archivo de entorno podría provocar una denegación de servicio en Netty. Cuando se carga en una aplicación de Windows, Netty intenta cargar un archivo que no existe. Si un atacante crea un archivo tan grande, la aplicación Netty se bloquea. Esta vulnerabilidad se corrigió en 4.1.115.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"references\":[{\"url\":\"https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv\",\"source\":\"security-advisories@github.com\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47535\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-13T20:43:58.714521Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:netty:netty:-:*:*:*:*:*:*:*\"], \"vendor\": \"netty\", \"product\": \"netty\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"4.1.115\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T20:44:36.110Z\"}}], \"cna\": {\"title\": \"Denial of Service attack on windows app using Netty\", \"source\": {\"advisory\": \"GHSA-xq3w-v528-46rv\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"netty\", \"product\": \"netty\", \"versions\": [{\"status\": \"affected\", \"version\": \"< 4.1.115\"}]}], \"references\": [{\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv\", \"name\": \"https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3\", \"name\": \"https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-11-12T15:50:08.334Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-47535\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-13T20:44:41.743Z\", \"dateReserved\": \"2024-09-25T21:46:10.929Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-11-12T15:50:08.334Z\", \"assignerShortName\": \"GitHub_M\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
rhsa-2025:3465
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* io.netty/netty: Denial of Service attack on windows app using Netty (CVE-2024-47535)\n\n* netty-common: Denial of Service attack on windows app using Netty (CVE-2025-25193)\n\n* io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine (CVE-2025-24970)\n\n* org.wildfly.core/wildfly-server: Wildfly improper RBAC permission (CVE-2025-23367)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3465", url: "https://access.redhat.com/errata/RHSA-2025:3465", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2337620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337620", }, { category: "external", summary: "2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3465.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.21 security update", tracking: { current_release_date: "2025-04-02T20:23:54+00:00", generator: { date: "2025-04-02T20:23:54+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3465", initial_release_date: "2025-04-01T13:12:18+00:00", revision_history: [ { date: "2025-04-01T13:12:18+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-01T13:12:18+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-02T20:23:54+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", }, }, }, { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 8", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", }, }, }, { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 9", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el7eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00004.1.el7eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00004.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.119-1.Final_redhat_00004.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00004.1.el9eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.119-1.Final_redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.21-3.GA_29548_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.119-1.Final_redhat_00004.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.21-3.GA_29548_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.119-1.Final_redhat_00004.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.21-3.GA_29548_redhat_00001.1.el9eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", }, product_reference: "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", }, product_reference: "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:12:18+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3465", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { acknowledgments: [ { names: [ "Claudia Bartolini", "Marco Ventura", "Massimiliano Brolli", ], organization: "TIM S.p.A", }, ], cve: "CVE-2025-23367", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2025-01-14T14:56:46.389000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2337620", }, ], notes: [ { category: "description", text: "A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. \nThe vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.", title: "Vulnerability description", }, { category: "summary", text: "org.wildfly.core:wildfly-server: Wildfly improper RBAC permission", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has evaluated this issue and the attacker must be authenticated as a user that belongs to the \"Monitor\" or \"Auditor\" management groups. It requires previous privileges to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-23367", }, { category: "external", summary: "RHBZ#2337620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-23367", url: "https://www.cve.org/CVERecord?id=CVE-2025-23367", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-23367", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-23367", }, { category: "external", summary: "https://github.com/advisories/GHSA-qr6x-62gq-4ccp", url: "https://github.com/advisories/GHSA-qr6x-62gq-4ccp", }, ], release_date: "2025-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:12:18+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3465", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "org.wildfly.core:wildfly-server: Wildfly improper RBAC permission", }, { cve: "CVE-2025-24970", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2025-02-10T23:00:52.785132+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344787", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation.", title: "Vulnerability description", }, { category: "summary", text: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Netty's SslHandler is of important severity rather than moderate because it directly impacts the stability and reliability of applications using native SSLEngine. By sending a specially crafted packet, an attacker can trigger a native crash, leading to a complete process termination. Unlike typical moderate vulnerabilities that might cause limited disruptions or require specific conditions, this flaw can be exploited remotely to induce a Denial of Service (DoS), affecting high-availability systems and mission-critical services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24970", }, { category: "external", summary: "RHBZ#2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24970", url: "https://www.cve.org/CVERecord?id=CVE-2025-24970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", }, { category: "external", summary: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", url: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", url: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", }, ], release_date: "2025-02-10T21:57:28.730000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:12:18+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3465", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", }, { cve: "CVE-2025-25193", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2025-02-10T23:00:54.794769+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344788", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects Windows environments, therefore, this would affect an environment when running a supported Red Hat JBoss EAP 7 or 8, for example, if running on Windows.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-25193", }, { category: "external", summary: "RHBZ#2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-25193", url: "https://www.cve.org/CVERecord?id=CVE-2025-25193", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", }, { category: "external", summary: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", url: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", url: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", }, ], release_date: "2025-02-10T22:02:17.197000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:12:18+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3465", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00004.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.119-1.Final_redhat_00004.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
rhsa-2025:2416
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Streams for Apache Kafka 2.9.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat Streams for Apache Kafka 2.9.0 serves as a replacement for Red Hat Streams for Apache Kafka 2.8.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Cruise Control:cio.netty:netty-common:4.1.115.Final-redhat [amq-st-2] \"(CVE-2023-52428)\"\n\n* Cruise Control:com.nimbusds:nimbus-jose-jwt:9.37.2.redhat [amq-st-2] \"(CVE-2024-47535)\"\n\n* Cruise Control:org.apache.kafka:kafka-clients:3.5.2.redhat+ [amq-st-2] \"(CVE-2024-31141)\"\n\n* Cruise Control:io:commons-io:2.15.1.redhat+ [amq-st-2] \"(CVE-2024-47554)\"\n\n* Cruise Control:org.eclipse.jetty:jetty-server:9.4.56.v20240826-redhat+ [amq-st-2] \"(CVE-2024-8184)\"\n\n* Cruise Control:org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] \"(CVE-2024-8184)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: Golang FIPS zeroed buffer [amq-st-2] \"(CVE-2024-9355)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: net/http: Denial of service due to improper 100-continue handling in net/http [amq-st-2] \"(CVE-2024-24791)\"", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:2416", url: "https://access.redhat.com/errata/RHSA-2025:2416", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "2315719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315719", }, { category: "external", summary: "2316271", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316271", }, { category: "external", summary: "2318564", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2318564", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2327264", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2327264", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2416.json", }, ], title: "Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update", tracking: { current_release_date: "2025-04-03T08:33:45+00:00", generator: { date: "2025-04-03T08:33:45+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:2416", initial_release_date: "2025-03-05T20:59:06+00:00", revision_history: [ { date: "2025-03-05T20:59:06+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-05T20:59:06+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-03T08:33:45+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Streams for Apache Kafka 2.9.0", product: { name: "Streams for Apache Kafka 2.9.0", product_id: "Streams for Apache Kafka 2.9.0", product_identification_helper: { cpe: "cpe:/a:redhat:amq_streams:2", }, }, }, ], category: "product_family", name: "Streams for Apache Kafka", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-09-04T17:02:58.468000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2309764", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52428", }, { category: "external", summary: "RHBZ#2309764", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2309764", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52428", url: "https://www.cve.org/CVERecord?id=CVE-2023-52428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", }, ], release_date: "2024-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", }, { cve: "CVE-2024-8184", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-10-14T16:01:01.239238+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2318564", }, ], notes: [ { category: "description", text: "A flaw was found in Jetty's ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.", title: "Vulnerability description", }, { category: "summary", text: "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8184", }, { category: "external", summary: "RHBZ#2318564", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2318564", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8184", url: "https://www.cve.org/CVERecord?id=CVE-2024-8184", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8184", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8184", }, { category: "external", summary: "https://github.com/jetty/jetty.project/pull/11723", url: "https://github.com/jetty/jetty.project/pull/11723", }, { category: "external", summary: "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq", url: "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq", }, { category: "external", summary: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30", url: "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30", }, ], release_date: "2024-10-14T15:09:37.861000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Streams for Apache Kafka 2.9.0", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks", }, { acknowledgments: [ { names: [ "David Benoit", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2024-9355", cwe: { id: "CWE-457", name: "Use of Uninitialized Variable", }, discovery_date: "2024-09-30T17:51:17.811000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2315719", }, ], notes: [ { category: "description", text: "A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum. It is also possible to force a derived key to be all zeros instead of an unpredictable value. This may have follow-on implications for the Go TLS stack.", title: "Vulnerability description", }, { category: "summary", text: "golang-fips: Golang FIPS zeroed buffer", title: "Vulnerability summary", }, { category: "other", text: "This issue is specific to the Go language and only affects the test code in cri-o and conmon, not the production code. Since both projects use Go exclusively for testing purposes, this issue does not impact their production environment. Therefore, cri-o and conmon are not affected by this vulnerability.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-9355", }, { category: "external", summary: "RHBZ#2315719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2315719", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-9355", url: "https://www.cve.org/CVERecord?id=CVE-2024-9355", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-9355", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-9355", }, ], release_date: "2024-09-30T20:53:42.833000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Streams for Apache Kafka 2.9.0", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang-fips: Golang FIPS zeroed buffer", }, { cve: "CVE-2024-24791", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295310", }, ], notes: [ { category: "description", text: "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "net/http: Denial of service due to improper 100-continue handling in net/http", title: "Vulnerability summary", }, { category: "other", text: "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker's control. This reduces the severity score of this flaw to Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-24791", }, { category: "external", summary: "RHBZ#2295310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-24791", url: "https://www.cve.org/CVERecord?id=CVE-2024-24791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-24791", }, { category: "external", summary: "https://go.dev/cl/591255", url: "https://go.dev/cl/591255", }, { category: "external", summary: "https://go.dev/issue/67555", url: "https://go.dev/issue/67555", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", url: "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ", }, ], release_date: "2024-07-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Streams for Apache Kafka 2.9.0", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "net/http: Denial of service due to improper 100-continue handling in net/http", }, { cve: "CVE-2024-31141", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, discovery_date: "2024-11-19T09:00:35.857468+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2327264", }, ], notes: [ { category: "description", text: "A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations, which include the ability to read from disk or environment variables. In applications where an untrusted party can specify Apache Kafka Clients configurations, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.", title: "Vulnerability description", }, { category: "summary", text: "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-31141", }, { category: "external", summary: "RHBZ#2327264", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2327264", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-31141", url: "https://www.cve.org/CVERecord?id=CVE-2024-31141", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-31141", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-31141", }, { category: "external", summary: "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv", url: "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv", }, ], release_date: "2024-11-19T08:40:50.695000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { cve: "CVE-2024-47554", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-10-03T12:00:40.921058+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2316271", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.", title: "Vulnerability description", }, { category: "summary", text: "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Streams for Apache Kafka 2.9.0", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47554", }, { category: "external", summary: "RHBZ#2316271", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316271", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47554", url: "https://www.cve.org/CVERecord?id=CVE-2024-47554", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47554", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47554", }, { category: "external", summary: "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1", url: "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1", }, ], release_date: "2024-10-03T11:32:48.936000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-05T20:59:06+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Streams for Apache Kafka 2.9.0", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2416", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Streams for Apache Kafka 2.9.0", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader", }, ], }
rhsa-2025:3357
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.narayana-narayana-all: deadlock via multiple join requests sent to LRA Coordinator [eap-8.0.z] (CVE-2024-8447)\n\n* io.netty/netty: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2024-47535)\n\n* io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine [eap-8.0.z] (CVE-2025-24970)\n\n* netty-common: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2025-25193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3357", url: "https://access.redhat.com/errata/RHSA-2025:3357", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", }, { category: "external", summary: "https://access.redhat.com/articles/7109353", url: "https://access.redhat.com/articles/7109353", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2335206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2335206", }, { category: "external", summary: "2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "JBEAP-29540", url: "https://issues.redhat.com/browse/JBEAP-29540", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3357.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.6 security update", tracking: { current_release_date: "2025-04-02T20:23:48+00:00", generator: { date: "2025-04-02T20:23:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3357", initial_release_date: "2025-03-27T16:42:38+00:00", revision_history: [ { date: "2025-03-27T16:42:38+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-27T16:42:38+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-02T20:23:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 9", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", }, }, }, { category: "product_name", name: "Red Hat JBoss EAP 8.0 for RHEL 8", product: { name: "Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product_id: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty@4.1.119-1.Final_redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product_id: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.119-1.Final_redhat_00002.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", product_id: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.6.1-1.GA_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", product: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", product_id: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-2.redhat_00003.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", product: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", product_id: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.6-15.GA_redhat_00009.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product_id: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty@4.1.119-1.Final_redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product_id: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.119-1.Final_redhat_00002.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", product: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", product_id: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.6.1-1.GA_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", product: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", product_id: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-2.redhat_00003.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", product: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", product_id: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.6-15.GA_redhat_00009.1.el8eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-buffer@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-http@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-common@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-handler@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-resolver@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product: { name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_id: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00002.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.6.1-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.6.1-1.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product_id: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-2.redhat_00003.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-2.redhat_00003.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.6-15.GA_redhat_00009.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-buffer@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-http@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-common@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-handler@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-resolver@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product: { name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_id: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.119-1.Final_redhat_00002.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.6.1-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product_id: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.6.1-1.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product_id: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j@2.0.16-2.redhat_00003.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product: { name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product_id: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-2.redhat_00003.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product: { name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_id: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-wildfly-modules@8.0.6-15.GA_redhat_00009.1.el8eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product_id: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.119-1.Final_redhat_00002.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product: { name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product_id: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00002.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product_id: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.119-1.Final_redhat_00002.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product: { name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product_id: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.119-1.Final_redhat_00002.1.el8eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", }, product_reference: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", }, product_reference: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", }, product_reference: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", }, product_reference: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", }, product_reference: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", }, product_reference: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", product_id: "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", }, product_reference: "eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", }, product_reference: "eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", }, product_reference: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", }, product_reference: "eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", }, product_reference: "eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", }, product_reference: "eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", }, product_reference: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", }, product_reference: "eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", }, product_reference: "eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", }, product_reference: "eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, { category: "default_component_of", full_product_name: { name: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", product_id: "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", }, product_reference: "eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-8.0", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8447", cwe: { id: "CWE-833", name: "Deadlock", }, discovery_date: "2025-01-01T22:41:50.788000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2335206", }, ], notes: [ { category: "description", text: "A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "narayana: deadlock via multiple join requests sent to LRA Coordinator", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8447", }, { category: "external", summary: "RHBZ#2335206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2335206", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8447", url: "https://www.cve.org/CVERecord?id=CVE-2024-8447", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8447", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8447", }, { category: "external", summary: "https://github.com/jbosstm/narayana/pull/2293", url: "https://github.com/jbosstm/narayana/pull/2293", }, ], release_date: "2024-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:42:38+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3357", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "narayana: deadlock via multiple join requests sent to LRA Coordinator", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:42:38+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3357", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { cve: "CVE-2025-24970", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2025-02-10T23:00:52.785132+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344787", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation.", title: "Vulnerability description", }, { category: "summary", text: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Netty's SslHandler is of important severity rather than moderate because it directly impacts the stability and reliability of applications using native SSLEngine. By sending a specially crafted packet, an attacker can trigger a native crash, leading to a complete process termination. Unlike typical moderate vulnerabilities that might cause limited disruptions or require specific conditions, this flaw can be exploited remotely to induce a Denial of Service (DoS), affecting high-availability systems and mission-critical services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24970", }, { category: "external", summary: "RHBZ#2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24970", url: "https://www.cve.org/CVERecord?id=CVE-2025-24970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", }, { category: "external", summary: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", url: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", url: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", }, ], release_date: "2025-02-10T21:57:28.730000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:42:38+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3357", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", }, { cve: "CVE-2025-25193", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2025-02-10T23:00:54.794769+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344788", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects Windows environments, therefore, this would affect an environment when running a supported Red Hat JBoss EAP 7 or 8, for example, if running on Windows.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-25193", }, { category: "external", summary: "RHBZ#2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-25193", url: "https://www.cve.org/CVERecord?id=CVE-2025-25193", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", }, { category: "external", summary: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", url: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", url: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", }, ], release_date: "2025-02-10T22:02:17.197000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:42:38+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3357", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el8eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.6.1-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.6.1-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.119-1.Final_redhat_00002.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.119-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-2.redhat_00003.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-2.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.6-15.GA_redhat_00009.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.6-15.GA_redhat_00009.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
rhsa-2025:3467
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* io.netty/netty: Denial of Service attack on windows app using Netty (CVE-2024-47535)\n\n* netty-common: Denial of Service attack on windows app using Netty (CVE-2025-25193)\n\n* io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine (CVE-2025-24970)\n\n* org.wildfly.core/wildfly-server: Wildfly improper RBAC permission (CVE-2025-23367)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3467", url: "https://access.redhat.com/errata/RHSA-2025:3467", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2337620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337620", }, { category: "external", summary: "2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3467.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 .21 security update", tracking: { current_release_date: "2025-04-02T20:23:35+00:00", generator: { date: "2025-04-02T20:23:35+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3467", initial_release_date: "2025-04-01T13:06:47+00:00", revision_history: [ { date: "2025-04-01T13:06:47+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-01T13:06:47+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-02T20:23:35+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 7", product: { name: "Red Hat JBoss Enterprise Application Platform 7", product_id: "Red Hat JBoss Enterprise Application Platform 7", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:06:47+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3467", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { acknowledgments: [ { names: [ "Claudia Bartolini", "Marco Ventura", "Massimiliano Brolli", ], organization: "TIM S.p.A", }, ], cve: "CVE-2025-23367", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2025-01-14T14:56:46.389000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2337620", }, ], notes: [ { category: "description", text: "A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. \nThe vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.", title: "Vulnerability description", }, { category: "summary", text: "org.wildfly.core:wildfly-server: Wildfly improper RBAC permission", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has evaluated this issue and the attacker must be authenticated as a user that belongs to the \"Monitor\" or \"Auditor\" management groups. It requires previous privileges to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-23367", }, { category: "external", summary: "RHBZ#2337620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-23367", url: "https://www.cve.org/CVERecord?id=CVE-2025-23367", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-23367", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-23367", }, { category: "external", summary: "https://github.com/advisories/GHSA-qr6x-62gq-4ccp", url: "https://github.com/advisories/GHSA-qr6x-62gq-4ccp", }, ], release_date: "2025-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:06:47+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3467", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "org.wildfly.core:wildfly-server: Wildfly improper RBAC permission", }, { cve: "CVE-2025-24970", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2025-02-10T23:00:52.785132+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344787", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation.", title: "Vulnerability description", }, { category: "summary", text: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Netty's SslHandler is of important severity rather than moderate because it directly impacts the stability and reliability of applications using native SSLEngine. By sending a specially crafted packet, an attacker can trigger a native crash, leading to a complete process termination. Unlike typical moderate vulnerabilities that might cause limited disruptions or require specific conditions, this flaw can be exploited remotely to induce a Denial of Service (DoS), affecting high-availability systems and mission-critical services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24970", }, { category: "external", summary: "RHBZ#2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24970", url: "https://www.cve.org/CVERecord?id=CVE-2025-24970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", }, { category: "external", summary: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", url: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", url: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", }, ], release_date: "2025-02-10T21:57:28.730000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:06:47+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3467", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", }, { cve: "CVE-2025-25193", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2025-02-10T23:00:54.794769+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344788", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects Windows environments, therefore, this would affect an environment when running a supported Red Hat JBoss EAP 7 or 8, for example, if running on Windows.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-25193", }, { category: "external", summary: "RHBZ#2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-25193", url: "https://www.cve.org/CVERecord?id=CVE-2025-25193", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", }, { category: "external", summary: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", url: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", url: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", }, ], release_date: "2025-02-10T22:02:17.197000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T13:06:47+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3467", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 7", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
rhsa-2025:0900
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Quarkus 3.15.3 includes the following CVE fixes:\n\n* io.quarkus/quarkus-netty: Denial of Service attack on windows app using Netty [quarkus-3.15] (CVE-2024-47535)\n\n* io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling [quarkus-3.15] (CVE-2024-12397)\n \n\nFor more information, see the release notes page listed in the References\nsection.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:0900", url: "https://access.redhat.com/errata/RHSA-2025:0900", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/articles/4966181", url: "https://access.redhat.com/articles/4966181", }, { category: "external", summary: "https://access.redhat.com/products/quarkus/", url: "https://access.redhat.com/products/quarkus/", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus&downloadType=distributions&version=3.15.3", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus&downloadType=distributions&version=3.15.3", }, { category: "external", summary: "QUARKUS-5043", url: "https://issues.redhat.com/browse/QUARKUS-5043", }, { category: "external", summary: "QUARKUS-5226", url: "https://issues.redhat.com/browse/QUARKUS-5226", }, { category: "external", summary: "QUARKUS-5235", url: "https://issues.redhat.com/browse/QUARKUS-5235", }, { category: "external", summary: "QUARKUS-5531", url: "https://issues.redhat.com/browse/QUARKUS-5531", }, { category: "external", summary: "QUARKUS-5532", url: "https://issues.redhat.com/browse/QUARKUS-5532", }, { category: "external", summary: "QUARKUS-5533", url: "https://issues.redhat.com/browse/QUARKUS-5533", }, { category: "external", summary: "QUARKUS-5537", url: "https://issues.redhat.com/browse/QUARKUS-5537", }, { category: "external", summary: "QUARKUS-5538", url: "https://issues.redhat.com/browse/QUARKUS-5538", }, { category: "external", summary: "QUARKUS-5540", url: "https://issues.redhat.com/browse/QUARKUS-5540", }, { category: "external", summary: "QUARKUS-5541", url: "https://issues.redhat.com/browse/QUARKUS-5541", }, { category: "external", summary: "QUARKUS-5543", url: "https://issues.redhat.com/browse/QUARKUS-5543", }, { category: "external", summary: "QUARKUS-5544", url: "https://issues.redhat.com/browse/QUARKUS-5544", }, { category: "external", summary: "QUARKUS-5548", url: "https://issues.redhat.com/browse/QUARKUS-5548", }, { category: "external", summary: "QUARKUS-5549", url: "https://issues.redhat.com/browse/QUARKUS-5549", }, { category: "external", summary: "QUARKUS-5550", url: "https://issues.redhat.com/browse/QUARKUS-5550", }, { category: "external", summary: "QUARKUS-5552", url: "https://issues.redhat.com/browse/QUARKUS-5552", }, { category: "external", summary: "QUARKUS-5553", url: "https://issues.redhat.com/browse/QUARKUS-5553", }, { category: "external", summary: "QUARKUS-5554", url: "https://issues.redhat.com/browse/QUARKUS-5554", }, { category: "external", summary: "QUARKUS-5556", url: "https://issues.redhat.com/browse/QUARKUS-5556", }, { category: "external", summary: "QUARKUS-5557", url: "https://issues.redhat.com/browse/QUARKUS-5557", }, { category: "external", summary: "QUARKUS-5558", url: "https://issues.redhat.com/browse/QUARKUS-5558", }, { category: "external", summary: "QUARKUS-5559", url: "https://issues.redhat.com/browse/QUARKUS-5559", }, { category: "external", summary: "QUARKUS-5560", url: "https://issues.redhat.com/browse/QUARKUS-5560", }, { category: "external", summary: "QUARKUS-5563", url: "https://issues.redhat.com/browse/QUARKUS-5563", }, { category: "external", summary: "QUARKUS-5564", url: "https://issues.redhat.com/browse/QUARKUS-5564", }, { category: "external", summary: "QUARKUS-5565", url: "https://issues.redhat.com/browse/QUARKUS-5565", }, { category: "external", summary: "QUARKUS-5566", url: "https://issues.redhat.com/browse/QUARKUS-5566", }, { category: "external", summary: "QUARKUS-5625", url: "https://issues.redhat.com/browse/QUARKUS-5625", }, { category: "external", summary: "QUARKUS-5635", url: "https://issues.redhat.com/browse/QUARKUS-5635", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0900.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Quarkus 3.15.3 release and security update", tracking: { current_release_date: "2025-04-01T13:15:43+00:00", generator: { date: "2025-04-01T13:15:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:0900", initial_release_date: "2025-02-05T12:21:00+00:00", revision_history: [ { date: "2025-02-05T12:21:00+00:00", number: "1", summary: "Initial version", }, { date: "2025-02-05T12:21:00+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-01T13:15:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Quarkus 3.15.3", product: { name: "Red Hat build of Quarkus 3.15.3", product_id: "Red Hat build of Quarkus 3.15.3", product_identification_helper: { cpe: "cpe:/a:redhat:quarkus:3.15::el8", }, }, }, ], category: "product_family", name: "Red Hat build of Quarkus", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-12397", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2024-12-10T01:15:33.380000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2331298", }, ], notes: [ { category: "description", text: "A flaw was found in Quarkus-HTTP, which incorrectly parses cookies with\ncertain value-delimiting characters in incoming requests. This issue could\nallow an attacker to construct a cookie value to exfiltrate HttpOnly cookie\nvalues or spoof arbitrary additional cookie values, leading to unauthorized\ndata access or modification. The main threat from this flaw impacts data\nconfidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has evaluated this vulnerability. This is a very similar vulnerability to an Undertow, seen in CVE-2023-4639.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 3.15.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-12397", }, { category: "external", summary: "RHBZ#2331298", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2331298", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-12397", url: "https://www.cve.org/CVERecord?id=CVE-2024-12397", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-12397", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-12397", }, ], release_date: "2024-12-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-05T12:21:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 3.15.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0900", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "Red Hat build of Quarkus 3.15.3", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Red Hat build of Quarkus 3.15.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 3.15.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-05T12:21:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 3.15.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0900", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 3.15.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
rhsa-2025:3358
Vulnerability from csaf_redhat
Notes
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.narayana-narayana-all: deadlock via multiple join requests sent to LRA Coordinator [eap-8.0.z] (CVE-2024-8447)\n\n* io.netty/netty: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2024-47535)\n\n* io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine [eap-8.0.z] (CVE-2025-24970)\n\n* netty-common: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2025-25193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3358", url: "https://access.redhat.com/errata/RHSA-2025:3358", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", }, { category: "external", summary: "https://access.redhat.com/articles/7109353", url: "https://access.redhat.com/articles/7109353", }, { category: "external", summary: "2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "2335206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2335206", }, { category: "external", summary: "2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "JBEAP-29540", url: "https://issues.redhat.com/browse/JBEAP-29540", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3358.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.6 security update", tracking: { current_release_date: "2025-04-02T20:23:42+00:00", generator: { date: "2025-04-02T20:23:42+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3358", initial_release_date: "2025-03-27T16:47:04+00:00", revision_history: [ { date: "2025-03-27T16:47:04+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-27T16:47:04+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-02T20:23:42+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 8", product: { name: "Red Hat JBoss Enterprise Application Platform 8", product_id: "Red Hat JBoss Enterprise Application Platform 8", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-8447", cwe: { id: "CWE-833", name: "Deadlock", }, discovery_date: "2025-01-01T22:41:50.788000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2335206", }, ], notes: [ { category: "description", text: "A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "narayana: deadlock via multiple join requests sent to LRA Coordinator", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-8447", }, { category: "external", summary: "RHBZ#2335206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2335206", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-8447", url: "https://www.cve.org/CVERecord?id=CVE-2024-8447", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-8447", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-8447", }, { category: "external", summary: "https://github.com/jbosstm/narayana/pull/2293", url: "https://github.com/jbosstm/narayana/pull/2293", }, ], release_date: "2024-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:47:04+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3358", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "narayana: deadlock via multiple join requests sent to LRA Coordinator", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-11-12T16:01:18.772613+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2325538", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47535", }, { category: "external", summary: "RHBZ#2325538", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2325538", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47535", url: "https://www.cve.org/CVERecord?id=CVE-2024-47535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { category: "external", summary: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], release_date: "2024-11-12T15:50:08.334000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:47:04+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3358", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, { cve: "CVE-2025-24970", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2025-02-10T23:00:52.785132+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344787", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation.", title: "Vulnerability description", }, { category: "summary", text: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Netty's SslHandler is of important severity rather than moderate because it directly impacts the stability and reliability of applications using native SSLEngine. By sending a specially crafted packet, an attacker can trigger a native crash, leading to a complete process termination. Unlike typical moderate vulnerabilities that might cause limited disruptions or require specific conditions, this flaw can be exploited remotely to induce a Denial of Service (DoS), affecting high-availability systems and mission-critical services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24970", }, { category: "external", summary: "RHBZ#2344787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24970", url: "https://www.cve.org/CVERecord?id=CVE-2025-24970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24970", }, { category: "external", summary: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", url: "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", url: "https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw", }, ], release_date: "2025-02-10T21:57:28.730000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:47:04+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3358", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine", }, { cve: "CVE-2025-25193", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2025-02-10T23:00:54.794769+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2344788", }, ], notes: [ { category: "description", text: "A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash.", title: "Vulnerability description", }, { category: "summary", text: "netty: Denial of Service attack on windows app using Netty", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects Windows environments, therefore, this would affect an environment when running a supported Red Hat JBoss EAP 7 or 8, for example, if running on Windows.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-25193", }, { category: "external", summary: "RHBZ#2344788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2344788", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-25193", url: "https://www.cve.org/CVERecord?id=CVE-2025-25193", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-25193", }, { category: "external", summary: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", url: "https://github.com/netty/netty/commit/d1fbda62d3a47835d3fb35db8bd42ecc205a5386", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", url: "https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx", }, ], release_date: "2025-02-10T22:02:17.197000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T16:47:04+00:00", details: "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3358", }, { category: "workaround", details: "Currently, no mitigation is available for this vulnerability.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Enterprise Application Platform 8", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: Denial of Service attack on windows app using Netty", }, ], }
ghsa-xq3w-v528-46rv
Vulnerability from github
5.4 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
Summary
An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attemps to load a file that does not exist. If an attacker creates such a large file, the Netty application crash.
Details
When the library netty is loaded in a java windows application, the library tries to identify the system environnement in which it is executed.
At this stage, Netty tries to load both /etc/os-release
and /usr/lib/os-release
even though it is in a Windows environment.
If netty finds this files, it reads them and loads them into memory.
By default :
- The JVM maximum memory size is set to 1 GB,
- A non-privileged user can create a directory at
C:\
and create files within it.
the source code identified : https://github.com/netty/netty/blob/4.1/common/src/main/java/io/netty/util/internal/PlatformDependent.java
Despite the implementation of the function normalizeOs()
the source code not verify the OS before reading C:\etc\os-release
and C:\usr\lib\os-release
.
PoC
Create a file larger than 1 GB of data in C:\etc\os-release
or C:\usr\lib\os-release
on a Windows environnement and start your Netty application.
To observe what the application does with the file, the security analyst used "Process Monitor" from the "Windows SysInternals" suite. (https://learn.microsoft.com/en-us/sysinternals/)
cd C:\etc
fsutil file createnew os-release 3000000000
The source code used is the Netty website code example : Echo ‐ the very basic client and server.
The vulnerability was tested on the 4.1.112.Final version.
The security analyst tried the same technique for C:\proc\sys\net\core\somaxconn
with a lot of values to impact Netty but the only things that works is the "larger than 1 GB file" technique. https://github.com/netty/netty/blob/c0fdb8e9f8f256990e902fcfffbbe10754d0f3dd/common/src/main/java/io/netty/util/NetUtil.java#L186
Impact
By loading the "file larger than 1 GB" into the memory, the Netty library exceeds the JVM memory limit and causes a crash in the java Windows application.
This behaviour occurs 100% of the time in both Server mode and Client mode if the large file exists.
Client mode :
Server mode :
somaxconn :
Severity
- Attack vector : "Local" because the attacker needs to be on the system where the Netty application is running.
- Attack complexity : "Low" because the attacker only need to create a massive file (regardless of its contents).
- Privileges required : "Low" because the attacker requires a user account to exploit the vulnerability.
- User intercation : "None" because the administrator don't need to accidentally click anywhere to trigger the vulnerability. Furthermore, the exploitation works with defaults windows/AD settings.
- Scope : "Unchanged" because only Netty is affected by the vulnerability.
- Confidentiality : "None" because no data is exposed through exploiting the vulnerability.
- Integrity : "None" because the explotation of the vulnerability does not allow editing, deleting or adding data elsewhere.
- Availability : "High" because the exploitation of this vulnerability crashes the entire java application.
{ affected: [ { database_specific: { last_known_affected_version_range: "<= 4.1.114.Final", }, package: { ecosystem: "Maven", name: "io.netty:netty-common", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "4.1.115.Final", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2024-47535", ], database_specific: { cwe_ids: [ "CWE-400", ], github_reviewed: true, github_reviewed_at: "2024-11-12T19:53:17Z", nvd_published_at: "2024-11-12T16:15:22Z", severity: "MODERATE", }, details: "### Summary\n\nAn unsafe reading of environment file could potentially cause a denial of service in Netty.\nWhen loaded on an Windows application, Netty attemps to load a file that does not exist. If an attacker creates such a large file, the Netty application crash.\n\n\n### Details\n\nWhen the library netty is loaded in a java windows application, the library tries to identify the system environnement in which it is executed.\n\nAt this stage, Netty tries to load both `/etc/os-release` and `/usr/lib/os-release` even though it is in a Windows environment. \n\n<img width=\"364\" alt=\"1\" src=\"https://github.com/user-attachments/assets/9466b181-9394-45a3-b0e3-1dcf105def59\">\n\nIf netty finds this files, it reads them and loads them into memory.\n\nBy default :\n\n- The JVM maximum memory size is set to 1 GB,\n- A non-privileged user can create a directory at `C:\\` and create files within it.\n\n<img width=\"340\" alt=\"2\" src=\"https://github.com/user-attachments/assets/43b359a2-5871-4592-ae2b-ffc40ac76831\">\n\n<img width=\"523\" alt=\"3\" src=\"https://github.com/user-attachments/assets/ad5c6eed-451c-4513-92d5-ba0eee7715c1\">\n\nthe source code identified :\nhttps://github.com/netty/netty/blob/4.1/common/src/main/java/io/netty/util/internal/PlatformDependent.java\n\nDespite the implementation of the function `normalizeOs()` the source code not verify the OS before reading `C:\\etc\\os-release` and `C:\\usr\\lib\\os-release`.\n\n### PoC\n\nCreate a file larger than 1 GB of data in `C:\\etc\\os-release` or `C:\\usr\\lib\\os-release` on a Windows environnement and start your Netty application.\n\nTo observe what the application does with the file, the security analyst used \"Process Monitor\" from the \"Windows SysInternals\" suite. (https://learn.microsoft.com/en-us/sysinternals/)\n\n```\ncd C:\\etc\nfsutil file createnew os-release 3000000000\n```\n\n<img width=\"519\" alt=\"4\" src=\"https://github.com/user-attachments/assets/39df22a3-462b-4fd0-af9a-aa30077ec08f\">\n\n<img width=\"517\" alt=\"5\" src=\"https://github.com/user-attachments/assets/129dbd50-fc36-4da5-8eb1-582123fb528f\">\n\nThe source code used is the Netty website code example : [Echo ‐ the very basic client and server](https://netty.io/4.1/xref/io/netty/example/echo/package-summary.html).\n\nThe vulnerability was tested on the 4.1.112.Final version.\n\nThe security analyst tried the same technique for `C:\\proc\\sys\\net\\core\\somaxconn` with a lot of values to impact Netty but the only things that works is the \"larger than 1 GB file\" technique. https://github.com/netty/netty/blob/c0fdb8e9f8f256990e902fcfffbbe10754d0f3dd/common/src/main/java/io/netty/util/NetUtil.java#L186\n\n### Impact\n\nBy loading the \"file larger than 1 GB\" into the memory, the Netty library exceeds the JVM memory limit and causes a crash in the java Windows application.\n\nThis behaviour occurs 100% of the time in both Server mode and Client mode if the large file exists.\n\nClient mode :\n\n<img width=\"449\" alt=\"6\" src=\"https://github.com/user-attachments/assets/f8fe1ed0-1a42-4490-b9ed-dbc9af7804be\">\n\nServer mode :\n\n<img width=\"464\" alt=\"7\" src=\"https://github.com/user-attachments/assets/b34b42bd-4fbd-4170-b93a-d29ba87b88eb\">\n\nsomaxconn :\n\n<img width=\"532\" alt=\"8\" src=\"https://github.com/user-attachments/assets/0656b3bb-32c6-4ae2-bff7-d93babba08a3\">\n\n### Severity\n\n- Attack vector : \"Local\" because the attacker needs to be on the system where the Netty application is running.\n- Attack complexity : \"Low\" because the attacker only need to create a massive file (regardless of its contents).\n- Privileges required : \"Low\" because the attacker requires a user account to exploit the vulnerability.\n- User intercation : \"None\" because the administrator don't need to accidentally click anywhere to trigger the vulnerability. Furthermore, the exploitation works with defaults windows/AD settings.\n- Scope : \"Unchanged\" because only Netty is affected by the vulnerability.\n- Confidentiality : \"None\" because no data is exposed through exploiting the vulnerability.\n- Integrity : \"None\" because the explotation of the vulnerability does not allow editing, deleting or adding data elsewhere.\n- Availability : \"High\" because the exploitation of this vulnerability crashes the entire java application.", id: "GHSA-xq3w-v528-46rv", modified: "2025-02-18T15:57:45Z", published: "2024-11-12T19:53:17Z", references: [ { type: "WEB", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", }, { type: "WEB", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { type: "PACKAGE", url: "https://github.com/netty/netty", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, { score: "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P", type: "CVSS_V4", }, ], summary: "Denial of Service attack on windows app using netty", }
ncsc-2025-0021
Vulnerability from csaf_ncscnl
Notes
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communicatieproducten, waaronder Oracle Communications Unified Assurance, Oracle Communications Cloud Native Core Network Function en Oracle Communications Order and Service Management.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om Denial of Service (DoS) aanvallen uit te voeren of om ongeautoriseerde toegang tot gevoelige gegevens te verkrijgen. Specifieke versies, zoals 24.2.0 en 24.3.0 van de Cloud Native Core Network Function, zijn bijzonder kwetsbaar. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal geprepareerde HTTP-verzoeken te sturen naar het kwetsbare systeem.", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, { category: "general", text: "Always-Incorrect Control Flow Implementation", title: "CWE-670", }, { category: "general", text: "Asymmetric Resource Consumption (Amplification)", title: "CWE-405", }, { category: "general", text: "Path Traversal: '.../...//'", title: "CWE-35", }, { category: "general", text: "Return of Pointer Value Outside of Expected Range", title: "CWE-466", }, { category: "general", text: "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", title: "CWE-338", }, { category: "general", text: "Use of Potentially Dangerous Function", title: "CWE-676", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Multiple Interpretations of UI Input", title: "CWE-450", }, { category: "general", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, { category: "general", text: "Use of Weak Hash", title: "CWE-328", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, { category: "general", text: "Insufficient Granularity of Access Control", title: "CWE-1220", }, { category: "general", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, { category: "general", text: "Acceptance of Extraneous Untrusted Data With Trusted Data", title: "CWE-349", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, { category: "general", text: "Time-of-check Time-of-use (TOCTOU) Race Condition", title: "CWE-367", }, { category: "general", text: "Expected Behavior Violation", title: "CWE-440", }, { category: "general", text: "Double Free", title: "CWE-415", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Improper Enforcement of Message Integrity During Transmission in a Communication Channel", title: "CWE-924", }, { category: "general", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "general", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, { category: "general", text: "Reachable Assertion", title: "CWE-617", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "Use of Password Hash Instead of Password for Authentication", title: "CWE-836", }, { category: "general", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, { category: "general", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, { category: "general", text: "Relative Path Traversal", title: "CWE-23", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, { category: "general", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "User Interface (UI) Misrepresentation of Critical Information", title: "CWE-451", }, { category: "general", text: "UNIX Symbolic Link (Symlink) Following", title: "CWE-61", }, { category: "general", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "general", text: "Use of Hard-coded Credentials", title: "CWE-798", }, { category: "general", text: "Unrestricted Upload of File with Dangerous Type", title: "CWE-434", }, { category: "general", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Uncaught Exception", title: "CWE-248", }, { category: "general", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "general", text: "Incorrect Authorization", title: "CWE-863", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Improper Restriction of XML External Entity Reference", title: "CWE-611", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Privilege Management", title: "CWE-269", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Generation of Error Message Containing Sensitive Information", title: "CWE-209", }, { category: "general", text: "Incorrect Default Permissions", title: "CWE-276", }, { category: "general", text: "Authentication Bypass by Capture-replay", title: "CWE-294", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; nvd; oracle", url: "https://www.oracle.com/security-alerts/cpujan2025.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Communications", tracking: { current_release_date: "2025-01-22T13:30:50.189632Z", id: "NCSC-2025-0021", initial_release_date: "2025-01-22T13:30:50.189632Z", revision_history: [ { date: "2025-01-22T13:30:50.189632Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1727475", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635313", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635305", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635311", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635312", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635323", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670430", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674632", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674630", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635320", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674633", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670439", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635322", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670429", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670435", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670431", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670436", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670432", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635321", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635310", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635318", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674640", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674642", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670434", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635316", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674639", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635314", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674638", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674637", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635307", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635319", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670438", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635324", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635315", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670433", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674641", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674635", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674636", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670437", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674631", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674634", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635308", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635309", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications__10.4.0.4", product: { name: "communications__10.4.0.4", product_id: "CSAFPID-1674629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.2", product: { name: "communications___23.4.2", product_id: "CSAFPID-1670442", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.3", product: { name: "communications___23.4.3", product_id: "CSAFPID-1635325", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.4", product: { name: "communications___23.4.4", product_id: "CSAFPID-1635326", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.5", product: { name: "communications___23.4.5", product_id: "CSAFPID-1674645", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.6", product: { name: "communications___23.4.6", product_id: "CSAFPID-1674646", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___24.2.0", product: { name: "communications___24.2.0", product_id: "CSAFPID-1674644", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___7.2.1.0.0", product: { name: "communications___7.2.1.0.0", product_id: "CSAFPID-1670441", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___8.6.0.6", product: { name: "communications___8.6.0.6", product_id: "CSAFPID-1635327", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___8.6.0.8", product: { name: "communications___8.6.0.8", product_id: "CSAFPID-1635328", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.0.2", product: { name: "communications___9.0.2", product_id: "CSAFPID-1670440", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.0.3", product: { name: "communications___9.0.3", product_id: "CSAFPID-1635329", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.1.1.8.0", product: { name: "communications___9.1.1.8.0", product_id: "CSAFPID-1674643", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751386", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674621", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751381", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751383", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:15.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751378", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751377", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751385", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674618", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674619", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674622", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751384", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674617", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674623", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751382", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.0.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751380", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.1.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1751379", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.1.0.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674620", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___12.0.6.0.0", product: { name: "communications_applications___12.0.6.0.0", product_id: "CSAFPID-1674627", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___5.5.22", product: { name: "communications_applications___5.5.22", product_id: "CSAFPID-1674626", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.3", product: { name: "communications_applications___6.0.3", product_id: "CSAFPID-1674628", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.4", product: { name: "communications_applications___6.0.4", product_id: "CSAFPID-1674624", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.5", product: { name: "communications_applications___6.0.5", product_id: "CSAFPID-1674625", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_asap", product: { name: "communications_asap", product_id: "CSAFPID-816792", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-764735", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-1751255", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-1751254", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0-15.0.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-816793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-912557", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-764247", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-1650820", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-912556", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-1751303", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220055", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816766", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1503577", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1751300", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-764237", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1650752", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1673396", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1751085", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1751079", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673526", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673391", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1751253", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-816768", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-816769", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-912085", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1503578", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1673389", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1673390", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1751090", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1673421", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1673420", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1751246", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-816770", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-816771", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-912068", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-1503579", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-816772", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-912076", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-1503580", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-219838", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-611387", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-816773", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912101", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1503581", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1751208", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1751209", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912539", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912540", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912541", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912542", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912543", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816774", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816346", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-912077", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1503322", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1673413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1673415", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1751231", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816775", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-912544", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816348", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-912545", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816347", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-1673494", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-764240", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1650751", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1673517", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1673395", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-912069", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1751225", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1751088", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1751089", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-94291", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-816778", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-614517", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-912547", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1673392", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1503582", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1673393", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1751081", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1751084", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-912546", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-224795", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912548", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912102", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912549", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503583", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503584", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503585", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1672767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1751241", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-764826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-90016", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-912078", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-816349", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-912550", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1503586", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1503587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751238", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751240", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1673399", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751239", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751080", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1751082", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-816779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server", product: { name: "communications_converged_application_server", product_id: "CSAFPID-1751229", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server:8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server", product: { name: "communications_converged_application_server", product_id: "CSAFPID-1751230", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_charging_system", product: { name: "communications_converged_charging_system", product_id: "CSAFPID-1503599", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_charging_system", product: { name: "communications_converged_charging_system", product_id: "CSAFPID-1503600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-1751292", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-1751294", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-224793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-1751295", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-816794", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-342793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1650777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1265", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-816350", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1261", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-1672764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1503588", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751104", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-40293", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751237", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751097", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-611413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1751211", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-912551", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-912552", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1503316", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1503317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1751243", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:47.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-764242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-819413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-819414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.2.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-816780", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-816781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-816782", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-912553", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-219803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_ip_service_activator", product: { name: "communications_ip_service_activator", product_id: "CSAFPID-204622", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_ip_service_activator", product: { name: "communications_ip_service_activator", product_id: "CSAFPID-219909", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-816351", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-1751218", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_metasolv_solution", product: { name: "communications_metasolv_solution", product_id: "CSAFPID-611595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816353", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816352", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1503589", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1503590", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1673414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816783", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816786", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816784", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816787", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816785", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816788", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-342803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-1650778", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-1266", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-816354", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-204563", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-219776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-765242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-916906", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-1751247", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-1751248", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-93781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-220132", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-912079", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-224790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-221118", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-1673496", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence", product: { name: "communications_performance_intelligence", product_id: "CSAFPID-1503591", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-816789", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-816790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-764738", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-816355", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1503601", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816359", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816358", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816357", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-912558", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1751233", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1503602", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1751234", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816795", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816796", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816797", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503592", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503593", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1672762", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503594", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-342804", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-819415", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-819416", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-816791", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-240600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673382", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1650731", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673530", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1751235", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.1-6.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1751296", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4-6.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-764739", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-8984", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204510", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204569", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-219826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-912073", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503596", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503597", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503598", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1751217", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-912080", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1673481", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1751258", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-912554", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2022-41727", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2022-41727", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41727.json", }, ], title: "CVE-2022-41727", }, { cve: "CVE-2023-4408", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-4408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4408.json", }, ], title: "CVE-2023-4408", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "other", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2023-5678", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json", }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-5981", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, ], product_status: { known_affected: [ "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751217", "CSAFPID-1673481", ], }, references: [ { category: "self", summary: "CVE-2023-5981", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5981.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751217", "CSAFPID-1673481", ], }, ], title: "CVE-2023-5981", }, { cve: "CVE-2023-6597", cwe: { id: "CWE-61", name: "UNIX Symbolic Link (Symlink) Following", }, notes: [ { category: "other", text: "UNIX Symbolic Link (Symlink) Following", title: "CWE-61", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751097", ], }, references: [ { category: "self", summary: "CVE-2023-6597", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751097", ], }, ], title: "CVE-2023-6597", }, { cve: "CVE-2023-7256", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "other", text: "Double Free", title: "CWE-415", }, ], product_status: { known_affected: [ "CSAFPID-220132", "CSAFPID-1751084", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2023-7256", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7256.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220132", "CSAFPID-1751084", "CSAFPID-912079", ], }, ], title: "CVE-2023-7256", }, { cve: "CVE-2023-29407", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "other", text: "Excessive Iteration", title: "CWE-834", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2023-29407", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29407.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", ], }, ], title: "CVE-2023-29407", }, { cve: "CVE-2023-29408", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2023-29408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29408.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2023-29408", }, { cve: "CVE-2023-40577", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1751208", "CSAFPID-1751209", ], }, references: [ { category: "self", summary: "CVE-2023-40577", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-40577.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1751208", "CSAFPID-1751209", ], }, ], title: "CVE-2023-40577", }, { cve: "CVE-2023-46218", cwe: { id: "CWE-201", name: "Insertion of Sensitive Information Into Sent Data", }, notes: [ { category: "other", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1751211", ], }, references: [ { category: "self", summary: "CVE-2023-46218", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46218.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1751211", ], }, ], title: "CVE-2023-46218", }, { cve: "CVE-2023-46219", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1751211", ], }, references: [ { category: "self", summary: "CVE-2023-46219", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46219.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1751211", ], }, ], title: "CVE-2023-46219", }, { cve: "CVE-2023-46604", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-94291", "CSAFPID-40293", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-219826", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-204622", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-224793", "CSAFPID-240600", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-614517", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1751104", ], }, references: [ { category: "self", summary: "CVE-2023-46604", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46604.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-94291", "CSAFPID-40293", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-219826", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-204622", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-224793", "CSAFPID-240600", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-614517", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1751104", ], }, ], title: "CVE-2023-46604", }, { cve: "CVE-2023-50868", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-50868", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50868.json", }, ], title: "CVE-2023-50868", }, { cve: "CVE-2024-0232", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1650777", "CSAFPID-1650778", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1751218", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-0232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json", }, ], title: "CVE-2024-0232", }, { cve: "CVE-2024-0397", product_status: { known_affected: [ "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-0397", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0397.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", ], }, ], title: "CVE-2024-0397", }, { cve: "CVE-2024-0450", cwe: { id: "CWE-450", name: "Multiple Interpretations of UI Input", }, notes: [ { category: "other", text: "Multiple Interpretations of UI Input", title: "CWE-450", }, { category: "other", text: "Asymmetric Resource Consumption (Amplification)", title: "CWE-405", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751097", ], }, references: [ { category: "self", summary: "CVE-2024-0450", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751097", ], }, ], title: "CVE-2024-0450", }, { cve: "CVE-2024-1442", cwe: { id: "CWE-269", name: "Improper Privilege Management", }, notes: [ { category: "other", text: "Improper Privilege Management", title: "CWE-269", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-1442", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1442.json", }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-1442", }, { cve: "CVE-2024-2961", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1672762", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1673396", "CSAFPID-1673395", "CSAFPID-1673494", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751097", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-2961", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2961.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1672762", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1673396", "CSAFPID-1673395", "CSAFPID-1673494", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751097", "CSAFPID-1751237", ], }, ], title: "CVE-2024-2961", }, { cve: "CVE-2024-3596", cwe: { id: "CWE-924", name: "Improper Enforcement of Message Integrity During Transmission in a Communication Channel", }, notes: [ { category: "other", text: "Improper Enforcement of Message Integrity During Transmission in a Communication Channel", title: "CWE-924", }, { category: "other", text: "Use of Weak Hash", title: "CWE-328", }, { category: "other", text: "Authentication Bypass by Capture-replay", title: "CWE-294", }, { category: "other", text: "Use of Password Hash Instead of Password for Authentication", title: "CWE-836", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "other", text: "User Interface (UI) Misrepresentation of Critical Information", title: "CWE-451", }, { category: "other", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, ], product_status: { known_affected: [ "CSAFPID-1751090", "CSAFPID-912079", "CSAFPID-220132", "CSAFPID-1751253", ], }, references: [ { category: "self", summary: "CVE-2024-3596", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-3596.json", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751090", "CSAFPID-912079", "CSAFPID-220132", "CSAFPID-1751253", ], }, ], title: "CVE-2024-3596", }, { cve: "CVE-2024-4030", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "other", text: "Incorrect Default Permissions", title: "CWE-276", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-4030", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4030.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", ], }, ], title: "CVE-2024-4030", }, { cve: "CVE-2024-4032", cwe: { id: "CWE-440", name: "Expected Behavior Violation", }, notes: [ { category: "other", text: "Expected Behavior Violation", title: "CWE-440", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-4032", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4032.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673530", ], }, ], title: "CVE-2024-4032", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, ], product_status: { known_affected: [ "CSAFPID-1751090", "CSAFPID-1751253", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751090", "CSAFPID-1751253", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-6119", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1751209", ], }, references: [ { category: "self", summary: "CVE-2024-6119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751209", ], }, ], title: "CVE-2024-6119", }, { cve: "CVE-2024-6162", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751303", "CSAFPID-1650820", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-6162", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751303", "CSAFPID-1650820", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-6162", }, { cve: "CVE-2024-6232", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, ], product_status: { known_affected: [ "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-6232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", ], }, ], title: "CVE-2024-6232", }, { cve: "CVE-2024-7254", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751233", "CSAFPID-1673530", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-7254", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751233", "CSAFPID-1673530", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-7254", }, { cve: "CVE-2024-7592", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-7592", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-7592", }, { cve: "CVE-2024-7885", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, ], product_status: { known_affected: [ "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1751080", "CSAFPID-1751090", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, references: [ { category: "self", summary: "CVE-2024-7885", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7885.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1751080", "CSAFPID-1751090", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, ], title: "CVE-2024-7885", }, { cve: "CVE-2024-8006", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-220132", "CSAFPID-1751084", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2024-8006", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8006.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220132", "CSAFPID-1751084", "CSAFPID-912079", ], }, ], title: "CVE-2024-8006", }, { cve: "CVE-2024-9143", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1751253", ], }, references: [ { category: "self", summary: "CVE-2024-9143", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json", }, ], title: "CVE-2024-9143", }, { cve: "CVE-2024-22195", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-22195", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22195.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751085", ], }, ], title: "CVE-2024-22195", }, { cve: "CVE-2024-24786", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-24786", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24786.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-24786", }, { cve: "CVE-2024-24791", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1751208", "CSAFPID-1751209", ], }, references: [ { category: "self", summary: "CVE-2024-24791", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24791.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751208", "CSAFPID-1751209", ], }, ], title: "CVE-2024-24791", }, { cve: "CVE-2024-25638", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "other", text: "Acceptance of Extraneous Untrusted Data With Trusted Data", title: "CWE-349", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751229", "CSAFPID-1751230", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, references: [ { category: "self", summary: "CVE-2024-25638", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json", }, ], scores: [ { cvss_v3: { baseScore: 8.9, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751229", "CSAFPID-1751230", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, ], title: "CVE-2024-25638", }, { cve: "CVE-2024-25710", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912101", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-912102", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1727475", "CSAFPID-1751218", ], }, references: [ { category: "self", summary: "CVE-2024-25710", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912101", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-912102", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1727475", "CSAFPID-1751218", ], }, ], title: "CVE-2024-25710", }, { cve: "CVE-2024-26308", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1727475", "CSAFPID-1751218", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-26308", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-1727475", "CSAFPID-1751218", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-26308", }, { cve: "CVE-2024-27309", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Incorrect Authorization", title: "CWE-863", }, ], product_status: { known_affected: [ "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-27309", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27309.json", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-27309", }, { cve: "CVE-2024-28219", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "other", text: "Use of Potentially Dangerous Function", title: "CWE-676", }, { category: "other", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, ], product_status: { known_affected: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1751085", "CSAFPID-912547", ], }, references: [ { category: "self", summary: "CVE-2024-28219", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1751085", "CSAFPID-912547", ], }, ], title: "CVE-2024-28219", }, { cve: "CVE-2024-28834", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, ], product_status: { known_affected: [ "CSAFPID-1673481", "CSAFPID-1751217", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-28834", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28834.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673481", "CSAFPID-1751217", "CSAFPID-1503590", ], }, ], title: "CVE-2024-28834", }, { cve: "CVE-2024-28835", cwe: { id: "CWE-248", name: "Uncaught Exception", }, notes: [ { category: "other", text: "Uncaught Exception", title: "CWE-248", }, ], product_status: { known_affected: [ "CSAFPID-1673481", "CSAFPID-1751217", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-28835", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28835.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673481", "CSAFPID-1751217", "CSAFPID-1503590", ], }, ], title: "CVE-2024-28835", }, { cve: "CVE-2024-28849", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751235", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-28849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751235", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-28849", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673494", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751233", "CSAFPID-1751218", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673494", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751233", "CSAFPID-1751218", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-29131", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", ], }, references: [ { category: "self", summary: "CVE-2024-29131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", ], }, ], title: "CVE-2024-29131", }, { cve: "CVE-2024-29133", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-29133", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673530", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-29133", }, { cve: "CVE-2024-33599", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-33599", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33599.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, ], title: "CVE-2024-33599", }, { cve: "CVE-2024-33600", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-33600", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33600.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, ], title: "CVE-2024-33600", }, { cve: "CVE-2024-33601", cwe: { id: "CWE-703", name: "Improper Check or Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, { category: "other", text: "Reachable Assertion", title: "CWE-617", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-33601", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33601.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1751237", ], }, ], title: "CVE-2024-33601", }, { cve: "CVE-2024-33602", cwe: { id: "CWE-466", name: "Return of Pointer Value Outside of Expected Range", }, notes: [ { category: "other", text: "Return of Pointer Value Outside of Expected Range", title: "CWE-466", }, { category: "other", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751237", ], }, references: [ { category: "self", summary: "CVE-2024-33602", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751237", ], }, ], title: "CVE-2024-33602", }, { cve: "CVE-2024-34064", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751238", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751239", "CSAFPID-1751082", "CSAFPID-1751240", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-1673481", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-34064", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1727475", "CSAFPID-1751238", "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751239", "CSAFPID-1751082", "CSAFPID-1751240", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-1673481", "CSAFPID-1751085", ], }, ], title: "CVE-2024-34064", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673481", "CSAFPID-1503596", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751242", "CSAFPID-1751243", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673481", "CSAFPID-1503596", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751242", "CSAFPID-1751243", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751085", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-35195", cwe: { id: "CWE-670", name: "Always-Incorrect Control Flow Implementation", }, notes: [ { category: "other", text: "Always-Incorrect Control Flow Implementation", title: "CWE-670", }, ], product_status: { known_affected: [ "CSAFPID-1751246", "CSAFPID-1751247", "CSAFPID-1751248", "CSAFPID-1673530", "CSAFPID-1673393", "CSAFPID-1751239", "CSAFPID-220132", "CSAFPID-1751082", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-912079", "CSAFPID-916906", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-35195", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1751246", "CSAFPID-1751247", "CSAFPID-1751248", "CSAFPID-1673530", "CSAFPID-1673393", "CSAFPID-1751239", "CSAFPID-220132", "CSAFPID-1751082", "CSAFPID-1672767", "CSAFPID-1751241", "CSAFPID-912079", "CSAFPID-916906", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-35195", }, { cve: "CVE-2024-37370", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1751237", "CSAFPID-1751254", "CSAFPID-1751217", "CSAFPID-1673481", "CSAFPID-1751255", ], }, references: [ { category: "self", summary: "CVE-2024-37370", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1751237", "CSAFPID-1751254", "CSAFPID-1751217", "CSAFPID-1673481", "CSAFPID-1751255", ], }, ], title: "CVE-2024-37370", }, { cve: "CVE-2024-37371", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751237", "CSAFPID-1751254", "CSAFPID-1751217", "CSAFPID-1673481", "CSAFPID-1751255", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-37371", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751237", "CSAFPID-1751254", "CSAFPID-1751217", "CSAFPID-1673481", "CSAFPID-1751255", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-37371", }, { cve: "CVE-2024-37891", cwe: { id: "CWE-669", name: "Incorrect Resource Transfer Between Spheres", }, notes: [ { category: "other", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751254", "CSAFPID-1673530", "CSAFPID-1751217", "CSAFPID-1751255", "CSAFPID-816790", "CSAFPID-1751258", "CSAFPID-1673481", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-37891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751225", "CSAFPID-1751254", "CSAFPID-1673530", "CSAFPID-1751217", "CSAFPID-1751255", "CSAFPID-816790", "CSAFPID-1751258", "CSAFPID-1673481", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-37891", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "other", text: "Path Traversal: '.../...//'", title: "CWE-35", }, { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Use of Hard-coded Credentials", title: "CWE-798", }, { category: "other", text: "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", title: "CWE-338", }, ], references: [ { category: "self", summary: "CVE-2024-38475", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json", }, ], title: "CVE-2024-38475", }, { cve: "CVE-2024-38807", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "other", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, ], product_status: { known_affected: [ "CSAFPID-1751090", "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-38807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38807.json", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1751090", "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-38807", }, { cve: "CVE-2024-38809", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673393", ], }, references: [ { category: "self", summary: "CVE-2024-38809", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json", }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-1673393", ], }, ], title: "CVE-2024-38809", }, { cve: "CVE-2024-38816", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "other", text: "Relative Path Traversal", title: "CWE-23", }, ], product_status: { known_affected: [ "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751079", "CSAFPID-1751080", "CSAFPID-1751084", "CSAFPID-1751085", "CSAFPID-1751082", "CSAFPID-1751225", ], }, references: [ { category: "self", summary: "CVE-2024-38816", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1751081", "CSAFPID-1673393", "CSAFPID-1751079", "CSAFPID-1751080", "CSAFPID-1751084", "CSAFPID-1751085", "CSAFPID-1751082", "CSAFPID-1751225", ], }, ], title: "CVE-2024-38816", }, { cve: "CVE-2024-38819", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-1673393", "CSAFPID-1751079", "CSAFPID-1751080", "CSAFPID-1751081", "CSAFPID-1751082", "CSAFPID-1751084", "CSAFPID-1751085", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751241", ], }, references: [ { category: "self", summary: "CVE-2024-38819", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673393", "CSAFPID-1751079", "CSAFPID-1751080", "CSAFPID-1751081", "CSAFPID-1751082", "CSAFPID-1751084", "CSAFPID-1751085", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751241", ], }, ], title: "CVE-2024-38819", }, { cve: "CVE-2024-38820", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, ], product_status: { known_affected: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751080", "CSAFPID-1751082", "CSAFPID-1751085", "CSAFPID-1672767", "CSAFPID-1751241", ], }, references: [ { category: "self", summary: "CVE-2024-38820", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751080", "CSAFPID-1751082", "CSAFPID-1751085", "CSAFPID-1672767", "CSAFPID-1751241", ], }, ], title: "CVE-2024-38820", }, { cve: "CVE-2024-38827", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, notes: [ { category: "other", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-38827", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json", }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-38827", }, { cve: "CVE-2024-38998", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-912073", "CSAFPID-1751254", "CSAFPID-1751079", "CSAFPID-1751242", "CSAFPID-1751234", "CSAFPID-1673496", "CSAFPID-1751233", "CSAFPID-1751255", "CSAFPID-1673481", "CSAFPID-1751085", "CSAFPID-220132", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2024-38998", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-912073", "CSAFPID-1751254", "CSAFPID-1751079", "CSAFPID-1751242", "CSAFPID-1751234", "CSAFPID-1673496", "CSAFPID-1751233", "CSAFPID-1751255", "CSAFPID-1673481", "CSAFPID-1751085", "CSAFPID-220132", "CSAFPID-912079", ], }, ], title: "CVE-2024-38998", }, { cve: "CVE-2024-38999", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-912073", "CSAFPID-1751254", "CSAFPID-1751079", "CSAFPID-1751242", "CSAFPID-1751234", "CSAFPID-1673496", "CSAFPID-1751233", "CSAFPID-1751255", "CSAFPID-1673481", "CSAFPID-1751085", "CSAFPID-220132", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2024-38999", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-912073", "CSAFPID-1751254", "CSAFPID-1751079", "CSAFPID-1751242", "CSAFPID-1751234", "CSAFPID-1673496", "CSAFPID-1751233", "CSAFPID-1751255", "CSAFPID-1673481", "CSAFPID-1751085", "CSAFPID-220132", "CSAFPID-912079", ], }, ], title: "CVE-2024-38999", }, { cve: "CVE-2024-41817", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220132", "CSAFPID-912079", ], }, references: [ { category: "self", summary: "CVE-2024-41817", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220132", "CSAFPID-912079", ], }, ], title: "CVE-2024-41817", }, { cve: "CVE-2024-45490", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, { category: "other", text: "Improper Restriction of XML External Entity Reference", title: "CWE-611", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1673414", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-45490", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1673414", "CSAFPID-1503590", ], }, ], title: "CVE-2024-45490", }, { cve: "CVE-2024-45491", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1673414", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-45491", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1673414", "CSAFPID-1503590", ], }, ], title: "CVE-2024-45491", }, { cve: "CVE-2024-45492", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1673414", "CSAFPID-1503590", ], }, references: [ { category: "self", summary: "CVE-2024-45492", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1673414", "CSAFPID-1503590", ], }, ], title: "CVE-2024-45492", }, { cve: "CVE-2024-47535", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-47535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47535.json", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751233", "CSAFPID-1751234", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-47535", }, { cve: "CVE-2024-47554", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1751292", "CSAFPID-1751234", "CSAFPID-1751294", "CSAFPID-1751233", "CSAFPID-1751295", "CSAFPID-1751296", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-47554", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751292", "CSAFPID-1751234", "CSAFPID-1751294", "CSAFPID-1751233", "CSAFPID-1751295", "CSAFPID-1751296", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-47554", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1751296", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2024-47561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751296", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2024-47561", }, { cve: "CVE-2024-47803", cwe: { id: "CWE-209", name: "Generation of Error Message Containing Sensitive Information", }, notes: [ { category: "other", text: "Generation of Error Message Containing Sensitive Information", title: "CWE-209", }, ], product_status: { known_affected: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751300", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-47803", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47803.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1672767", "CSAFPID-1751300", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", ], }, ], title: "CVE-2024-47803", }, { cve: "CVE-2024-47804", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "other", text: "Incorrect Authorization", title: "CWE-863", }, { category: "other", text: "Insufficient Granularity of Access Control", title: "CWE-1220", }, { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1672767", "CSAFPID-1751300", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-47804", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47804.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1672767", "CSAFPID-1751300", "CSAFPID-1751241", "CSAFPID-1751081", "CSAFPID-1751084", "CSAFPID-1673393", "CSAFPID-1751085", ], }, ], title: "CVE-2024-47804", }, { cve: "CVE-2024-49766", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-1751208", "CSAFPID-1751246", "CSAFPID-1751209", ], }, references: [ { category: "self", summary: "CVE-2024-49766", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49766.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751208", "CSAFPID-1751246", "CSAFPID-1751209", ], }, ], title: "CVE-2024-49766", }, { cve: "CVE-2024-49767", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1751208", "CSAFPID-1751080", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751082", "CSAFPID-1751300", "CSAFPID-1751246", "CSAFPID-1751209", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, references: [ { category: "self", summary: "CVE-2024-49767", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49767.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751208", "CSAFPID-1751080", "CSAFPID-1751079", "CSAFPID-1751225", "CSAFPID-1751082", "CSAFPID-1751300", "CSAFPID-1751246", "CSAFPID-1751209", "CSAFPID-1673393", "CSAFPID-1751085", "CSAFPID-1751231", ], }, ], title: "CVE-2024-49767", }, { cve: "CVE-2024-50379", cwe: { id: "CWE-367", name: "Time-of-check Time-of-use (TOCTOU) Race Condition", }, notes: [ { category: "other", text: "Time-of-check Time-of-use (TOCTOU) Race Condition", title: "CWE-367", }, ], product_status: { known_affected: [ "CSAFPID-816790", ], }, references: [ { category: "self", summary: "CVE-2024-50379", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50379.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816790", ], }, ], title: "CVE-2024-50379", }, { cve: "CVE-2024-50602", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, ], product_status: { known_affected: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751082", "CSAFPID-1751085", ], }, references: [ { category: "self", summary: "CVE-2024-50602", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50602.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1751225", "CSAFPID-1751079", "CSAFPID-1751082", "CSAFPID-1751085", ], }, ], title: "CVE-2024-50602", }, { cve: "CVE-2024-53677", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "other", text: "Unrestricted Upload of File with Dangerous Type", title: "CWE-434", }, { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, ], product_status: { known_affected: [ "CSAFPID-816790", ], }, references: [ { category: "self", summary: "CVE-2024-53677", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53677.json", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816790", ], }, ], title: "CVE-2024-53677", }, { cve: "CVE-2024-54677", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-816790", ], }, references: [ { category: "self", summary: "CVE-2024-54677", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54677.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816790", ], }, ], title: "CVE-2024-54677", }, { cve: "CVE-2024-56337", cwe: { id: "CWE-367", name: "Time-of-check Time-of-use (TOCTOU) Race Condition", }, notes: [ { category: "other", text: "Time-of-check Time-of-use (TOCTOU) Race Condition", title: "CWE-367", }, ], product_status: { known_affected: [ "CSAFPID-816790", ], }, references: [ { category: "self", summary: "CVE-2024-56337", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816790", ], }, ], title: "CVE-2024-56337", }, { cve: "CVE-2025-21542", product_status: { known_affected: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2025-21542", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21542.json", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2025-21542", }, { cve: "CVE-2025-21544", product_status: { known_affected: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2025-21544", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21544.json", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2025-21544", }, { cve: "CVE-2025-21554", product_status: { known_affected: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, references: [ { category: "self", summary: "CVE-2025-21554", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21554.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1751377", "CSAFPID-1751378", "CSAFPID-1751379", "CSAFPID-1751380", "CSAFPID-1751381", "CSAFPID-1751382", "CSAFPID-1751383", "CSAFPID-1674619", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1751384", "CSAFPID-1751385", "CSAFPID-1751386", ], }, ], title: "CVE-2025-21554", }, ], }
fkie_cve-2024-47535
Vulnerability from fkie_nvd
Vendor | Product | Version |
---|
{ cveTags: [], descriptions: [ { lang: "en", value: "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.", }, { lang: "es", value: "Netty es un framework de trabajo de aplicación de red asincrónico controlado por eventos para el desarrollo rápido de servidores y clientes de protocolo de alto rendimiento y mantenibles. Una lectura no segura de un archivo de entorno podría provocar una denegación de servicio en Netty. Cuando se carga en una aplicación de Windows, Netty intenta cargar un archivo que no existe. Si un atacante crea un archivo tan grande, la aplicación Netty se bloquea. Esta vulnerabilidad se corrigió en 4.1.115.", }, ], id: "CVE-2024-47535", lastModified: "2024-11-13T17:01:58.603", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, ], }, published: "2024-11-12T16:15:22.237", references: [ { source: "security-advisories@github.com", url: "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3", }, { source: "security-advisories@github.com", url: "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "security-advisories@github.com", type: "Secondary", }, ], }
Log in or create an account to share your comment.
This schema specifies the format of a comment related to a security advisory.
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.