RHSA-2026:0384
Vulnerability from csaf_redhat - Published: 2026-01-08 16:57 - Updated: 2026-01-13 22:41Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.3 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.1.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.1.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.1.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF [eap-8.1.z] (CVE-2025-12543)
* undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded [eap-8.1.z] (CVE-2024-3884)
* undertow-core: Undertow MadeYouReset HTTP/2 DDoS Vulnerability [eap-8.1.z] (CVE-2025-9784)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.1.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.1.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.1.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF [eap-8.1.z] (CVE-2025-12543)\n\n* undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded [eap-8.1.z] (CVE-2024-3884)\n\n* undertow-core: Undertow MadeYouReset HTTP/2 DDoS Vulnerability [eap-8.1.z] (CVE-2025-9784)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0384",
"url": "https://access.redhat.com/errata/RHSA-2026:0384"
},
{
"category": "external",
"summary": "JBEAP-31345",
"url": "https://issues.redhat.com/browse/JBEAP-31345"
},
{
"category": "external",
"summary": "JBEAP-31374",
"url": "https://issues.redhat.com/browse/JBEAP-31374"
},
{
"category": "external",
"summary": "JBEAP-31380",
"url": "https://issues.redhat.com/browse/JBEAP-31380"
},
{
"category": "external",
"summary": "JBEAP-31396",
"url": "https://issues.redhat.com/browse/JBEAP-31396"
},
{
"category": "external",
"summary": "JBEAP-31414",
"url": "https://issues.redhat.com/browse/JBEAP-31414"
},
{
"category": "external",
"summary": "JBEAP-31421",
"url": "https://issues.redhat.com/browse/JBEAP-31421"
},
{
"category": "external",
"summary": "JBEAP-31474",
"url": "https://issues.redhat.com/browse/JBEAP-31474"
},
{
"category": "external",
"summary": "JBEAP-31494",
"url": "https://issues.redhat.com/browse/JBEAP-31494"
},
{
"category": "external",
"summary": "JBEAP-31495",
"url": "https://issues.redhat.com/browse/JBEAP-31495"
},
{
"category": "external",
"summary": "JBEAP-31601",
"url": "https://issues.redhat.com/browse/JBEAP-31601"
},
{
"category": "external",
"summary": "JBEAP-31250",
"url": "https://issues.redhat.com/browse/JBEAP-31250"
},
{
"category": "external",
"summary": "JBEAP-31326",
"url": "https://issues.redhat.com/browse/JBEAP-31326"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/release_notes_for_red_hat_jboss_enterprise_application_platform_8.1/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/release_notes_for_red_hat_jboss_enterprise_application_platform_8.1/index"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/red_hat_jboss_enterprise_application_platform_installation_methods/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/red_hat_jboss_enterprise_application_platform_installation_methods/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7134190",
"url": "https://access.redhat.com/articles/7134190"
},
{
"category": "external",
"summary": "2275287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275287"
},
{
"category": "external",
"summary": "2392306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392306"
},
{
"category": "external",
"summary": "2408784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408784"
},
{
"category": "external",
"summary": "JBEAP-31344",
"url": "https://issues.redhat.com/browse/JBEAP-31344"
},
{
"category": "external",
"summary": "JBEAP-30596",
"url": "https://issues.redhat.com/browse/JBEAP-30596"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0384.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.3 security update",
"tracking": {
"current_release_date": "2026-01-13T22:41:40+00:00",
"generator": {
"date": "2026-01-13T22:41:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0384",
"initial_release_date": "2026-01-08T16:57:30+00:00",
"revision_history": [
{
"date": "2026-01-08T16:57:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-08T16:57:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:41:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.1 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering@5.0.12-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.6.6-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.10-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.6.36-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.3.0-1.GA_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-el-api_5.0_spec@4.0.2-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-threads@2.5.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"product": {
"name": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"product_id": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-4.GA_redhat_00007.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle@1.82.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product": {
"name": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_id": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eventstream@1.0.1-3.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"product_id": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-undertow@2.3.20-2.SP4_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.3-4.GA_redhat_00006.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-cache-infinispan-common@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-cache-infinispan-embedded@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-cache-infinispan-remote@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-cache-spi@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-context@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-marshalling-jboss@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-marshalling-protostream@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-marshalling-spi@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-server-api@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-server-infinispan@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-server-jgroups@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-server-local@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-server-spi@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-session-cache@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-session-infinispan-embedded@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-session-infinispan-remote@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-session-spec-servlet-6.0@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-session-spec-spi@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-clustering-session-spi@5.0.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.6.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron-tool@2.6.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.10-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.10-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.10-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.10-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.6.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.6.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.6.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.3.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@801.3.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-el-api_5.0_spec@4.0.2-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-threads@2.5.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"product_id": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-4.GA_redhat_00007.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle@1.82.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-jmail@1.82.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-pg@1.82.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-pkix@1.82.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-prov@1.82.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-util@1.82.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_id": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eventstream@1.0.1-3.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-undertow@2.3.20-2.SP4_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.3-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.1.3-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.1.3-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.1.3-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src"
},
"product_reference": "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src"
},
"product_reference": "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-3884",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2275287"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParse(StreamSourceChannel) method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows unauthorized users to cause a remote denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Moderate impact since this requires the use of a specific form method by the server that must be externally available and the input is not sanitized by the given servlet or class implementing its use.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-3884"
},
{
"category": "external",
"summary": "RHBZ#2275287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275287"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-3884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-3884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3884"
}
],
"release_date": "2025-12-03T16:50:50+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T16:57:30+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0384"
},
{
"category": "workaround",
"details": "It is possible to mitigate the vulnerability by performing an upper-level verification to ensure the content size sent server side is within the allowed parameters.",
"product_ids": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded"
},
{
"cve": "CVE-2025-9784",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-01T06:19:20.938000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392306"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the \"MadeYouReset\" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Undertow MadeYouReset HTTP/2 DDoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with an Important severity. It is simple to exploit because it does not require authentication and could result in a Denial of Service (DoS). While some DoS flaws are classified as Moderate, \u201cMadeYouReset\u201d is Important because of the limited barriers (no specialized tooling or advanced scripting) to exploitation, which directly impacts service availability. The vulnerability arises from an implementation weakness in HTTP/2 stream reset handling \u2014 malformed client requests can trigger server-side resets without incrementing abuse counters, allowing an attacker to bypass built-in request throttling and overhead limits. Since these resets consume CPU and memory resources and can be generated at scale over a single TCP/TLS connection, a remote attacker could exhaust server capacity quickly, impacting all legitimate clients.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9784"
},
{
"category": "external",
"summary": "RHBZ#2392306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392306"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9784"
},
{
"category": "external",
"summary": "https://github.com/undertow-io/undertow/pull/1778",
"url": "https://github.com/undertow-io/undertow/pull/1778"
},
{
"category": "external",
"summary": "https://github.com/undertow-io/undertow/releases/tag/2.2.38.Final",
"url": "https://github.com/undertow-io/undertow/releases/tag/2.2.38.Final"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/UNDERTOW-2598",
"url": "https://issues.redhat.com/browse/UNDERTOW-2598"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/767506",
"url": "https://kb.cert.org/vuls/id/767506"
}
],
"release_date": "2025-09-01T06:21:54.614000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T16:57:30+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0384"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Undertow MadeYouReset HTTP/2 DDoS Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Ahmet Artu\u00e7"
]
}
],
"cve": "CVE-2025-12543",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-10-31T06:15:35.424000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2408784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has an Important severity because it can be remotely exploited without authentication. However, limited user interaction is required for full impact. It could allow attackers to hijack additional accounts, steal credentials, or gain access to internal systems. The issue stems from improper input validation of HTTP Host headers, leading to serious breaches in confidentiality and integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12543"
},
{
"category": "external",
"summary": "RHBZ#2408784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12543"
}
],
"release_date": "2026-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T16:57:30+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0384"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use, applicability, or stability.",
"product_ids": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-apache-cxf-rt-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-services-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-apache-cxf-tools-0:4.0.10-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-bouncycastle-jmail-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pg-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-pkix-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-prov-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-bouncycastle-util-0:1.82.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.3.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-common-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-cache-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-context-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-jboss-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-protostream-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-marshalling-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-api-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-infinispan-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-jgroups-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-local-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-server-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-cache-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-embedded-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-infinispan-remote-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-servlet-6.0-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spec-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-clustering-session-spi-0:5.0.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.3-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…